Search criteria
625 vulnerabilities found for Windows 10 by Microsoft
CVE-2024-6769 (GCVE-0-2024-6769)
Vulnerability from cvelistv5 – Published: 2024-09-26 20:18 – Updated: 2025-08-29 20:22
VLAI?
Title
Medium to High Integrity Privilege Escalation in Microsoft Windows
Summary
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows 10 |
Affected:
10.0.0
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Ricardo Narvaja
Nicolás Economou
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_10",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_11",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2016",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2019",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2022",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:08:19.342974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:12:48.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/fortra/CVE-2024-6769"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ricardo Narvaja"
},
{
"lang": "en",
"type": "finder",
"value": "Nicol\u00e1s Economou"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt."
}
],
"value": "A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt."
}
],
"impacts": [
{
"capecId": "CAPEC-251",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-251 Local Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:22:43.078Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/research/fr-2024-002"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medium to High Integrity Privilege Escalation in Microsoft Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6769",
"datePublished": "2024-09-26T20:18:38.460Z",
"dateReserved": "2024-07-15T21:02:43.641Z",
"dateUpdated": "2025-08-29T20:22:43.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6768 (GCVE-0-2024-6768)
Vulnerability from cvelistv5 – Published: 2024-08-12 18:29 – Updated: 2025-09-15 17:28
VLAI?
Title
Denial of Service in CLFS.sys
Summary
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
Severity ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows 10 |
Affected:
10.0.0
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Ricardo Narvaja
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T14:23:52.599512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:24:58.377Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-09-15T17:28:11.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-detection-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-mitigation-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ricardo Narvaja"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T18:29:30.770Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/research/fr-2024-001"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in CLFS.sys",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6768",
"datePublished": "2024-08-12T18:29:30.770Z",
"dateReserved": "2024-07-15T21:02:40.118Z",
"dateUpdated": "2025-09-15T17:28:11.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6769 (GCVE-0-2024-6769)
Vulnerability from nvd – Published: 2024-09-26 20:18 – Updated: 2025-08-29 20:22
VLAI?
Title
Medium to High Integrity Privilege Escalation in Microsoft Windows
Summary
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows 10 |
Affected:
10.0.0
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Ricardo Narvaja
Nicolás Economou
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_10",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_11:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_11",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2016",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2019",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_server_2022",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:08:19.342974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:12:48.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/fortra/CVE-2024-6769"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ricardo Narvaja"
},
{
"lang": "en",
"type": "finder",
"value": "Nicol\u00e1s Economou"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt."
}
],
"value": "A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt."
}
],
"impacts": [
{
"capecId": "CAPEC-251",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-251 Local Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:22:43.078Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/research/fr-2024-002"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medium to High Integrity Privilege Escalation in Microsoft Windows",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6769",
"datePublished": "2024-09-26T20:18:38.460Z",
"dateReserved": "2024-07-15T21:02:43.641Z",
"dateUpdated": "2025-08-29T20:22:43.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6768 (GCVE-0-2024-6768)
Vulnerability from nvd – Published: 2024-08-12 18:29 – Updated: 2025-09-15 17:28
VLAI?
Title
Denial of Service in CLFS.sys
Summary
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
Severity ?
CWE
- CWE-1284 - Improper Validation of Specified Quantity in Input
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Windows 10 |
Affected:
10.0.0
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
Credits
Ricardo Narvaja
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T14:23:52.599512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T14:24:58.377Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-09-15T17:28:11.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-detection-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2024-6768-mitigation-script-blue-screen-of-death-vulnerability-affecting-microsoft-windows"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows 11",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
},
{
"defaultStatus": "affected",
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "10.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ricardo Narvaja"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"value": "A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T18:29:30.770Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/research/fr-2024-001"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in CLFS.sys",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6768",
"datePublished": "2024-08-12T18:29:30.770Z",
"dateReserved": "2024-07-15T21:02:40.118Z",
"dateUpdated": "2025-09-15T17:28:11.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201805-0963
Vulnerability from variot - Updated: 2024-07-23 21:53Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. Multiple CPUHardware information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. AMD, ARM, and Intel CPUs have security vulnerabilities. Relevant releases/architectures:
RHV-M 4.2 - noarch
- Description:
The org.ovirt.engine-root is a core component of oVirt. 7) - x86_64
- Description:
Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Once all virtual machines have shut down, start them again for this update to take effect. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:1965-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:1965 Issue date: 2018-06-26 CVE Names: CVE-2017-11600 CVE-2018-3639 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch, ppc64le
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD)
-
kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3485871
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1474928 - CVE-2017-11600 kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message 1566890 - CVE-2018-3639 hw: cpu: speculative store bypass
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64: kernel-3.10.0-862.6.3.el7.ppc64.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64.rpm perf-3.10.0-862.6.3.el7.ppc64.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm python-perf-3.10.0-862.6.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm
ppc64le: kernel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm perf-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm kernel-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-headers-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm perf-3.10.0-862.6.3.el7.s390x.rpm perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm python-perf-3.10.0-862.6.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64le: kernel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm perf-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
s390x: kernel-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm kernel-devel-3.10.0-862.6.3.el7.s390x.rpm kernel-headers-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm perf-3.10.0-862.6.3.el7.s390x.rpm perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm python-perf-3.10.0-862.6.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
noarch: kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-862.6.3.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm kernel-doc-3.10.0-862.6.3.el7.noarch.rpm
x86_64: kernel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm perf-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: kernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-11600 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3485871
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBWzJvQtzjgjWX9erEAQhA1BAAnHot2ERbRC9tVbWzn8egMTLwNGaPfu8b RhzRg0qgwySJM7JXfEC2fKJYoCaL71ykhGUC98wNc5SJVqkfzMt66pyxrMrK8Ff2 +LJW3BFAbFfzzt/NMRwXM+s2TSNj6BhqWpohgmB83jz3uPzH51QBp2SbumMDwdrj VN9/rZlA/2rofE/7Lyz2B/Rks5oEvRbW4pf4hDpARDLqD8iU4UhW8QGb4HZfH//X lvVTnKaMvCN1Jecc0fyp6lE4no2FBMPBlIQvnHcHw4gtjBajN4Ics/nMEXs7Zp2/ +sCtyWuH06G6hiawMHmCaw6QPqIvhJ2zcgzZl+18ITDk3OOlIPhpFJHQ1hjKZR3v 5PqvGyVXuKqzwtRIdTvDNIrI42R31xUiLXSk24scMO8p5IiCrONn2Med4LsOH6k8 9hMyYG+oYo3SKjes8N9Q3Gzf98MR/Kkx/5nRRmLpQEHehhNIgBebhscWdL535Ufk NJ1a4SHRxCoj3WSpx6XDZ+ZjHHWJVYZ8TnvHY2qrD1r1BCZNXkeBYZ4Fthelu5BS iGLax+RbZbS0n83AmEV7rq85o1i95fJPYTuZ1xzcx8DxZcgwoc6X8h9doz2Rz9Mq 08nScZYH4g6ruhcvWFYnsxx/hYpWvnnaUlmDGKhoUpd5+hCPP3hTx+GvFKi/IjiD rcTDRBuyPRI= =PPUN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.6) - noarch, x86_64
- (CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via software update. To be fully functional, up-to-date CPU microcode applied on the system might be required.
In this update, mitigation for PowerPC architecture is provided. Description:
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. 6) - i386, noarch, x86_64
- Description:
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. (CVE-2018-3639)
Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.
Bug Fix(es):
- If the cifs_reopen_file() function failed to find a file, the pointer to the cifsFileInfo structure was not reinitialized by being set to "NULL". Subsequently, the find_writable_file() function used an invalid pointer to cifsFileInfo. Consequently, the operating system terminated unexpectedly. As a result, the operating system no longer crashes due to this bug. (BZ#1577086)
4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0963",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "xeon e5 2470 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3460"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5506"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3480"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v3"
},
{
"model": "xeon e3 1270 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1220_"
},
{
"model": "simatic s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6"
},
{
"model": "sinema remote connect",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5 1660 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3850"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3403"
},
{
"model": "xeon e3 1260l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585l_v5"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86132"
},
{
"model": "simatic ipc3000 smart",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "micloud management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": "*"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5507"
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4005"
},
{
"model": "xeon e3 1226 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1241 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867l"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86152"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v3"
},
{
"model": "simatic ipc847c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.01.14"
},
{
"model": "xeon e-1105c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "cloud global management system",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e3 1501m v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v4"
},
{
"model": "xeon e5 2448l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160t"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8180"
},
{
"model": "xeon e3 1285l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v4"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85120"
},
{
"model": "xeon e3 1230 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v3"
},
{
"model": "xeon e5 2403",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860"
},
{
"model": "simatic ipc427d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "125c_"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "xeon e3 1280 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v3"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4657l_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v3"
},
{
"model": "xeon e3 1230 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86136"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5540"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86146"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v4"
},
{
"model": "simatic itp1000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "23.01.04"
},
{
"model": "sonicosv",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3426"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5503"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xeon e3 1225 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2418l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2648l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3827"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114t"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610"
},
{
"model": "xeon e5 2618l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc427c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5 2440",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "xeon e5 2603 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2890_v2"
},
{
"model": "xeon e3 1285 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2618l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2640 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2618l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1276 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86144"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "micollab",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3460"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1575m_v5"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v3"
},
{
"model": "xeon e3 1240 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "virtualization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "surface studio",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4627_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4807"
},
{
"model": "xeon e5 2407 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc1900",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5550"
},
{
"model": "xeon e5 2430l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860_v2"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4100"
},
{
"model": "xeon e5 1620 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc627c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1585_v5"
},
{
"model": "xeon e3 1105c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1265l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85120t"
},
{
"model": "xeon e5 2428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4809_v2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c2308"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v3"
},
{
"model": "xeon e3 12201 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ruggedcom ape",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e3 1230",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5518_"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2850_v2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "simatic ipc677d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170"
},
{
"model": "itc1900 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500"
},
{
"model": "xeon e5 2418l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176f"
},
{
"model": "xeon e3 1290 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126t"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85122"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "sp2"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4000"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v2"
},
{
"model": "xeon e3 1245 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic field pg m4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "18.01.09"
},
{
"model": "jetson tx2",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r28.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v2"
},
{
"model": "simatic ipc427e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1280 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1281 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2560"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8156"
},
{
"model": "xeon e3 1268l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j3455"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v4"
},
{
"model": "xeon e5 1660",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w"
},
{
"model": "xeon e5 1680 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1275 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc827c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e5 2420",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86134m"
},
{
"model": "xeon e3 1230 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8830"
},
{
"model": "xeon e5 1428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5508_"
},
{
"model": "xeon e5 1660 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1505m v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4603"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3338"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86148f"
},
{
"model": "surface",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1271 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3470"
},
{
"model": "xeon e3 1286 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4648_v3"
},
{
"model": "xeon e3 1286l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "mivoice connect",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3530"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "xeon e3 1230 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1280 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85115"
},
{
"model": "pentium silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j5005"
},
{
"model": "xeon e3 1270 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658a_v3"
},
{
"model": "xeon e5 2630",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5504"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v4"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "struxureware data center expert",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.6.0"
},
{
"model": "xeon e3 1240l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "3"
},
{
"model": "xeon e5 2630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1428l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2608l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v3"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "15"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5570"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3308"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1565l_v5"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8857_v2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v2"
},
{
"model": "xeon e5 2620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130"
},
{
"model": "xeon e3 12201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8168"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3758"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2650l_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v4"
},
{
"model": "xeon e3 1505l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2418l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870_v2"
},
{
"model": "xeon e5 2640 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic field pg m5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "22.01.06"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3958"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3508"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v2"
},
{
"model": "xeon e5 2608l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4109t"
},
{
"model": "xeon e3 1285l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820_v3"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86128"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v4"
},
{
"model": "simatic ipc477e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1268l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6550"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3845"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v4"
},
{
"model": "mivoice 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e5 1428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86150"
},
{
"model": "xeon e5 2630 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3785"
},
{
"model": "xeon e3 1285 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4820"
},
{
"model": "xeon e5 2628l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850"
},
{
"model": "xeon e3 1258l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116t"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3600"
},
{
"model": "xeon e3 1220 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8867_v3"
},
{
"model": "xeon e3 1260l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc2200 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86134"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2760"
},
{
"model": "xeon e3 1225 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2643",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3825"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "9"
},
{
"model": "xeon e3 1245 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2609 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2695_v4"
},
{
"model": "xeon e5 2448l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3805"
},
{
"model": "xeon e5 2609 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3580"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v3"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745d"
},
{
"model": "xeon e5 1660 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "simatic ipc477c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1535m_v6"
},
{
"model": "pentium",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n4200"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3955"
},
{
"model": "xeon e5 2643 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2403 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v2"
},
{
"model": "sinumerik pcu 50.5",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "xeon e5 2407",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160m"
},
{
"model": "xeon e3 1501l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v3"
},
{
"model": "simatic ipc827d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650l"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3826"
},
{
"model": "xeon e5 2470",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735g"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3480"
},
{
"model": "xeon e5 2650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc647d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.01.14"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86154"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142m"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880l_v2"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5506"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v3"
},
{
"model": "celeron n",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n3450"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "global management system",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon e5 2430",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736g"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2803"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607_v2"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3795"
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1796"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "12"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v2"
},
{
"model": "simatic ipc627d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.02.11"
},
{
"model": "pentium silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "n5000"
},
{
"model": "xeon e5 2430 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "xeon e3 1245",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6540"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v2"
},
{
"model": "xeon e5 2650l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "13"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699a_v4"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "xeon e5 2603 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2628l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1278l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8160f"
},
{
"model": "xeon e5 2620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1240 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc847d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "19.01.14"
},
{
"model": "local service management system",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3"
},
{
"model": "surface book",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v4"
},
{
"model": "xeon e5 2643 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.9"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86140m"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8153"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830_v4"
},
{
"model": "xeon e3 1270",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v3"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3708"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v4"
},
{
"model": "web application firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85119t"
},
{
"model": "xeon e3 1245 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2408l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v4"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "57"
},
{
"model": "xeon e5 2428l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130f"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620"
},
{
"model": "xeon e5 2640",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4830"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x5560"
},
{
"model": "xeon e5 1680 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "itc2200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697a_v4"
},
{
"model": "surface book",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "xeon e3 1220l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4607"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3745"
},
{
"model": "xeon e5 2428l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l3406"
},
{
"model": "xeon e5 2637 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1240 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4617"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4667_v4"
},
{
"model": "xeon e3 1275 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "xeon e3 1275l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142"
},
{
"model": "xeon e5 2637 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8164"
},
{
"model": "xeon e5 2650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2697_v4"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3808"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8158"
},
{
"model": "atom x7-e3950",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86140"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v2"
},
{
"model": "xeon e3 1220 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v3"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3538"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775"
},
{
"model": "simatic ipc547g",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "r1.23.0"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4114"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735e"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86148"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8170m"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2460"
},
{
"model": "xeon e5 2620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138t"
},
{
"model": "itc1500 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3775d"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1275_"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870_v2"
},
{
"model": "xeon e5 2648l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1650 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2450 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc477e pro",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "21.01.09"
},
{
"model": "xeon e3 1230l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870"
},
{
"model": "xeon e3 1270 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3570"
},
{
"model": "xeon e5 2609",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2630l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "local service management system",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "13.0"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1558l_v5"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3770d"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3590"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3450"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8890_v4"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "l5530"
},
{
"model": "xeon e5 2440 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3858"
},
{
"model": "itc1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v4"
},
{
"model": "simatic ipc647c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.01.14"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2580"
},
{
"model": "xeon e5 2623 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1290",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v3"
},
{
"model": "pentium j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4205"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2880_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v4"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86138f"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "85118"
},
{
"model": "xeon e5 2450l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3558"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8894_v4"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4628l_v4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2870"
},
{
"model": "xeon e5 1620 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "surface pro with lte advanced",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1807"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1545m_v5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v2"
},
{
"model": "xeon e3 1240 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom x5-e3930",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2637 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4660_v3"
},
{
"model": "simatic ipc677c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "15.02.15"
},
{
"model": "simotion p320-4e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850"
},
{
"model": "xeon e3 1285 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660_v3"
},
{
"model": "xeon e5 2630l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4890_v2"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5115"
},
{
"model": "xeon e3 1231 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3736f"
},
{
"model": "xeon e5 2603",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8870_v3"
},
{
"model": "xeon e5 2650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e6510"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2683_v4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670_v3"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "45nm"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5502"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "jetson tx1",
"scope": "lt",
"trust": 1.0,
"vendor": "nvidia",
"version": "r28.3"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2665"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176m"
},
{
"model": "xeon e3 1280",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2450l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "celeron j",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "j4105"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667_v3"
},
{
"model": "xeon e3 1125c v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1225 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "xeon e3 1275 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4669_v3"
},
{
"model": "xeon e3 1505l v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3950"
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5590"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1578l_v5"
},
{
"model": "sinumerik 840 d sl",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699r_v4"
},
{
"model": "xeon e5 2628l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4108"
},
{
"model": "simatic ipc547e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "r1.30.0"
},
{
"model": "xeon e5 1630 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4116"
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3750"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3560"
},
{
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "openstack",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "10"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "32nm"
},
{
"model": "atom e",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e3815"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "w5580"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2420"
},
{
"model": "xeon e5 2648l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2640 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1620",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.10"
},
{
"model": "xeon e3 1235l v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2643 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86126f"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8891_v2"
},
{
"model": "xeon e3 1240",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2648l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1220 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "atom x5-e3940",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2687w_v4"
},
{
"model": "xeon e5 1650 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1235",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2430l",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4880_v2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8837"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2690_v2"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4624l_v2"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "open integration gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3440"
},
{
"model": "xeon e3 1270 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2660"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2698_v4"
},
{
"model": "xeon e5 2450",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2438l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8850_v2"
},
{
"model": "surface pro",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "4"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850_v3"
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86130t"
},
{
"model": "xeon e5 2630l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "xeon e3 1265l v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon gold",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "86142f"
},
{
"model": "simatic et 200 sp",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.6"
},
{
"model": "simatic ipc477d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "17.0x.14"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "x3430"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4640_v2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "xeon e3 1280 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2623 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "simatic ipc347e",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2680_v4"
},
{
"model": "mivoic mx-one",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5530"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v2"
},
{
"model": "xeon silver",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112"
},
{
"model": "mivoice border gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "xeon e3 1265l v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "mivoice business",
"scope": "eq",
"trust": 1.0,
"vendor": "mitel",
"version": null
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z2480"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735f"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2667"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2699_v3"
},
{
"model": "xeon e3 1240l v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4620_v3"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3740d"
},
{
"model": "xeon e5 2603 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2609 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e3 1245 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "atom c",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "c3830"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "atom z",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "z3735d"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2658_v3"
},
{
"model": "xeon e5 2420 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 1630 v4",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "email security",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "sinumerik tcu 30.3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8880_v3"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "e5520"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1515m_v5"
},
{
"model": "xeon e3 1220 v6",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2650 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "virtualization manager",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.3"
},
{
"model": "xeon e5 1620 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "secure mobile access",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8893_v4"
},
{
"model": "cortex-a",
"scope": "eq",
"trust": 1.0,
"vendor": "arm",
"version": "72"
},
{
"model": "xeon e3 1275 v5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e5 2637",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2830"
},
{
"model": "xeon e3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "1505m_v6"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610_v3"
},
{
"model": "xeon e3 1246 v3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "xeon e5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4655_v3"
},
{
"model": "xeon platinum",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8176"
},
{
"model": "xeon e7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8860_v4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "amd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell emc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qualcomm incorporated",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "cortex a57",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"model": "5th generation core processors",
"scope": null,
"trust": 0.6,
"vendor": "intel",
"version": null
},
{
"model": "cortex a72",
"scope": null,
"trust": 0.6,
"vendor": "arm",
"version": null
},
{
"model": "6th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "5th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "4th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "3rd generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "2nd generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "8th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "7th generation core processors",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor a series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor c series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor e series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor t series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "atom processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x0"
},
{
"model": "atom processor z series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core x-series processor family for intel platforms",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x990"
},
{
"model": "celeron processor j series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "celeron processor n series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core m processor family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "core x-series processor family for intel platforms",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "x2990"
},
{
"model": "pentium processor n series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "pentium processor silver series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "34000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "36000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "55000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "56000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "75000"
},
{
"model": "xeon processor series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "65000"
},
{
"model": "pentium processor j series",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v50"
},
{
"model": "xeon processor e3 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v60"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e5 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "0"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v20"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v3"
},
{
"model": "xeon processor e7 family",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "v40"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i3:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i5:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_i7:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_m:32nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:core_m:45nm:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium:n4200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver:j5005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:pentium_silver:n5000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:125c_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1220_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1275_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:3600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:5600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:7500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5502:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5503:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5504:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5506:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5507:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e5540:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6510:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6540:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:e6550:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3403:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3406:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l3426:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5506:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5508_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5518_:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5520:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:l5530:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:w5580:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:w5590:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3430:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3440:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3450:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3460:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3470:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x3480:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5550:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5560:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3:x5570:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85115:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85118:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85119t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85120:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85120t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:85122:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86126t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86128:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86130t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86132:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86134:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86134m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86136:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86138t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86140:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86140m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86142m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86144:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86146:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86148:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86148f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86150:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86152:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_gold:86154:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:arm:cortex-a:72:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization_manager:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1500:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1500_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1500_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1900_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1900:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc1900_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc1900_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc2200:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:itc2200_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:itc2200_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:local_service_management_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.3",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_ape_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_ape:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_et_200_sp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_et_200_sp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "18.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.01.06",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_field_pg_m5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc3000_smart_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc3000_smart:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc347e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc347e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc427e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc477e_pro_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.01.09",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc477e_pro:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r1.30.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc547e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r1.23.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc547g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc627d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc647d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc677c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc827c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.02.11",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc827d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "19.01.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc847d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "23.01.04",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_itp1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simotion_p320-4e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0x.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simotion_p320-4e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840_d_sl_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840_d_sl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_pcu_50.5_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.02.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_pcu_50.5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_tcu_30.3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_tcu_30.3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinema_remote_connect_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mitel:micollab:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:open_integration_gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_border_gateway:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_business:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_connect:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoic_mx-one:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:mivoice_5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mitel:micloud_management_portal:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sonicwall:sonicosv:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:web_application_firewall:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:cloud_global_management_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:email_security:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:secure_mobile_access:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sonicwall:global_management_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:nvidia:jetson_tx1:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r28.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:nvidia:jetson_tx2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r28.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_book:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_book:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro:1796:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_pro_with_lte_advanced:1807:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:microsoft:surface_studio:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
}
],
"trust": 1.3
},
"cve": "CVE-2018-3639",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-13391",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-133670",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-133671",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-3639",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-13391",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133670",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133671",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is firmware that runs in the central processor for managing and controlling the CPU. Multiple CPUHardware information disclosure vulnerabilities. The vulnerability is caused by a race condition in the CPU cache processing. Local attackers can exploit vulnerabilities to obtain sensitive information through side channel analysis. AMD, ARM, and Intel CPUs are all CPU (central processing unit) products from different manufacturers. AMD, ARM, and Intel CPUs have security vulnerabilities. Relevant releases/architectures:\n\nRHV-M 4.2 - noarch\n\n3. Description:\n\nThe org.ovirt.engine-root is a core component of oVirt. 7) - x86_64\n\n3. Description:\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for\nLinux on a variety of architectures. The qemu-kvm packages provide the\nuser-space component for running virtual machines that use KVM. Once\nall virtual machines have shut down, start them again for this update to\ntake effect. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:1965-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:1965\nIssue date: 2018-06-26\nCVE Names: CVE-2017-11600 CVE-2018-3639 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch, ppc64le\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD)\n\n* kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message\n(CVE-2017-11600)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Ken Johnson (Microsoft Security Response\nCenter) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space\nprecludes documenting all of the bug fixes in this advisory. See the\ndescriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3485871\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1474928 - CVE-2017-11600 kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64.rpm\nperf-3.10.0-862.6.3.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm\nkernel-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-headers-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm\nperf-3.10.0-862.6.3.el7.s390x.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-headers-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-862.6.3.el7.s390x.rpm\nkernel-devel-3.10.0-862.6.3.el7.s390x.rpm\nkernel-headers-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-862.6.3.el7.s390x.rpm\nperf-3.10.0-862.6.3.el7.s390x.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-3.10.0-862.6.3.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\nnoarch:\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-862.6.3.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm\nkernel-doc-3.10.0-862.6.3.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-devel-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-headers-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm\nperf-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm\nperf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-862.6.3.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-11600\nhttps://access.redhat.com/security/cve/CVE-2018-3639\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/3485871\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBWzJvQtzjgjWX9erEAQhA1BAAnHot2ERbRC9tVbWzn8egMTLwNGaPfu8b\nRhzRg0qgwySJM7JXfEC2fKJYoCaL71ykhGUC98wNc5SJVqkfzMt66pyxrMrK8Ff2\n+LJW3BFAbFfzzt/NMRwXM+s2TSNj6BhqWpohgmB83jz3uPzH51QBp2SbumMDwdrj\nVN9/rZlA/2rofE/7Lyz2B/Rks5oEvRbW4pf4hDpARDLqD8iU4UhW8QGb4HZfH//X\nlvVTnKaMvCN1Jecc0fyp6lE4no2FBMPBlIQvnHcHw4gtjBajN4Ics/nMEXs7Zp2/\n+sCtyWuH06G6hiawMHmCaw6QPqIvhJ2zcgzZl+18ITDk3OOlIPhpFJHQ1hjKZR3v\n5PqvGyVXuKqzwtRIdTvDNIrI42R31xUiLXSk24scMO8p5IiCrONn2Med4LsOH6k8\n9hMyYG+oYo3SKjes8N9Q3Gzf98MR/Kkx/5nRRmLpQEHehhNIgBebhscWdL535Ufk\nNJ1a4SHRxCoj3WSpx6XDZ+ZjHHWJVYZ8TnvHY2qrD1r1BCZNXkeBYZ4Fthelu5BS\niGLax+RbZbS0n83AmEV7rq85o1i95fJPYTuZ1xzcx8DxZcgwoc6X8h9doz2Rz9Mq\n08nScZYH4g6ruhcvWFYnsxx/hYpWvnnaUlmDGKhoUpd5+hCPP3hTx+GvFKi/IjiD\nrcTDRBuyPRI=\n=PPUN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6.6) - noarch, x86_64\n\n3. (CVE-2018-3639)\n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. To be fully functional, up-to-date CPU\nmicrocode applied on the system might be required. \n\nIn this update, mitigation for PowerPC architecture is provided. Description:\n\nThe libvirt library contains a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remote management of virtualized\nsystems. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit. (CVE-2018-3639)\n\nNote: This is the OpenJDK side of the CVE-2018-3639 mitigation. \n\nBug Fix(es):\n\n* If the cifs_reopen_file() function failed to find a file, the pointer to\nthe cifsFileInfo structure was not reinitialized by being set to \"NULL\". \nSubsequently, the find_writable_file() function used an invalid pointer to\ncifsFileInfo. Consequently, the operating system terminated unexpectedly. As a result, the operating system\nno longer crashes due to this bug. (BZ#1577086)\n\n4",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3639"
},
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "PACKETSTORM",
"id": "147769"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-133670",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133670"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3639",
"trust": 3.1
},
{
"db": "USCERT",
"id": "TA18-141A",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#180049",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1040949",
"trust": 1.8
},
{
"db": "BID",
"id": "104232",
"trust": 1.7
},
{
"db": "LENOVO",
"id": "LEN-22133",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-268644",
"trust": 1.2
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1042004",
"trust": 1.2
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/5",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/10/2",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "44695",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-505225",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#584653",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2018-13391",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147749",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147769",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147779",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148818",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148751",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150079",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148853",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148695",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147938",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147759",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147930",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "147739",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148581",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148151",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147743",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148318",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148731",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148817",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147932",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148484",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150076",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147839",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147746",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147765",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147762",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147748",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147770",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147754",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147756",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147931",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148323",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147751",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147764",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147873",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150073",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148699",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147763",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148656",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147744",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150077",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147750",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148370",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150090",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147737",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147742",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147796",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149390",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148614",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150096",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147745",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147753",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147780",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148842",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147866",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147757",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147741",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150078",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147735",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147766",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147933",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147760",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150075",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "151288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150074",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147736",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147761",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152767",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147904",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147851",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147934",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133670",
"trust": 0.1
},
{
"db": "BID",
"id": "104228",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201805-748",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133671",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148322",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"id": "VAR-201805-0963",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
}
],
"trust": 1.507676424090909
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
}
]
},
"last_update_date": "2024-07-23T21:53:48.206000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patches for multiple CPUHardware information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/134555"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-13391"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.2
},
{
"problemtype": "CWE-200",
"trust": 0.2
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
},
{
"trust": 2.0,
"url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
},
{
"trust": 2.0,
"url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
},
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
},
{
"trust": 1.9,
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 1.6,
"url": "https://support.apple.com//ht208394"
},
{
"trust": 1.6,
"url": "http://www.dell.com/support/speculative-store-bypass"
},
{
"trust": 1.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 1.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 1.2,
"url": "https://www.kb.cert.org/vuls/id/180049"
},
{
"trust": 1.2,
"url": "http://support.lenovo.com/us/en/solutions/len-22133"
},
{
"trust": 1.2,
"url": "http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf"
},
{
"trust": 1.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.2,
"url": "https://security.netapp.com/advisory/ntap-20180521-0001/"
},
{
"trust": 1.2,
"url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006"
},
{
"trust": 1.2,
"url": "https://www.synology.com/support/security/synology_sa_18_23"
},
{
"trust": 1.2,
"url": "https://www.debian.org/security/2018/dsa-4273"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html"
},
{
"trust": 1.2,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1633"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1636"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1638"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1647"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1658"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1676"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1738"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:1965"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2250"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2289"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2309"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:2363"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/errata/rhsa-2018:3402"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1040949"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1042004"
},
{
"trust": 1.2,
"url": "https://usn.ubuntu.com/3756-1/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/104232"
},
{
"trust": 1.1,
"url": "https://seclists.org/bugtraq/2019/jun/36"
},
{
"trust": 1.1,
"url": "http://xenbits.xen.org/xsa/advisory-263.html"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
},
{
"trust": 1.1,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.1,
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180012"
},
{
"trust": 1.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0004"
},
{
"trust": 1.1,
"url": "https://support.citrix.com/article/ctx235225"
},
{
"trust": 1.1,
"url": "https://support.oracle.com/knowledge/sun%20microsystems/2481872_1.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2018/dsa-4210"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/44695/"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/5"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2020/06/10/1"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1629"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1630"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1632"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1635"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1637"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1639"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1640"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1641"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1642"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1643"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1644"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1645"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1646"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1648"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1649"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1650"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1651"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1652"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1653"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1654"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1655"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1656"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1657"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1659"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1660"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1661"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1662"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1663"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1664"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1665"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1666"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1667"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1668"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1669"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1674"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1675"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1686"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1688"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1689"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1690"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1696"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1710"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1711"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1737"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1826"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1854"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1967"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:1997"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2001"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2003"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2006"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2060"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2161"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2162"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2164"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2171"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2172"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2216"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2228"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2246"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2258"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2328"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2364"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2387"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2394"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2396"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:2948"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3396"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3397"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3398"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3399"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3400"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3401"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3407"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3423"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3424"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2018:3425"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:0148"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1046"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3651-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3652-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3653-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3653-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3654-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3654-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3679-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3680-1/"
},
{
"trust": 1.1,
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03850en_us"
},
{
"trust": 0.8,
"url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
},
{
"trust": 0.8,
"url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/584653"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
},
{
"trust": 0.8,
"url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
},
{
"trust": 0.8,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.8,
"url": "https://support.hp.com/us-en/document/c06001626"
},
{
"trust": 0.8,
"url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
},
{
"trust": 0.8,
"url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
},
{
"trust": 0.8,
"url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
},
{
"trust": 0.8,
"url": "https://www.suse.com/support/kb/doc/?id=7022937"
},
{
"trust": 0.8,
"url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
},
{
"trust": 0.8,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
},
{
"trust": 0.8,
"url": "https://kb.vmware.com/s/article/54951"
},
{
"trust": 0.8,
"url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
},
{
"trust": 0.6,
"url": "https://securitytracker.com/id/1040949"
},
{
"trust": 0.2,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03850en_us"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/bid/104228"
},
{
"trust": 0.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180013"
},
{
"trust": 0.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3485871"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-11600"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3449601"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#180049"
},
{
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"db": "VULHUB",
"id": "VHN-133670"
},
{
"db": "VULHUB",
"id": "VHN-133671"
},
{
"db": "PACKETSTORM",
"id": "147739"
},
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
},
{
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-21T00:00:00",
"db": "CERT/CC",
"id": "VU#180049"
},
{
"date": "2018-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133670"
},
{
"date": "2018-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-133671"
},
{
"date": "2018-05-23T06:55:41",
"db": "PACKETSTORM",
"id": "147739"
},
{
"date": "2018-05-23T07:02:14",
"db": "PACKETSTORM",
"id": "147759"
},
{
"date": "2018-06-26T23:03:11",
"db": "PACKETSTORM",
"id": "148322"
},
{
"date": "2018-07-30T19:53:15",
"db": "PACKETSTORM",
"id": "148751"
},
{
"date": "2018-05-30T19:46:19",
"db": "PACKETSTORM",
"id": "147930"
},
{
"date": "2018-05-23T07:06:00",
"db": "PACKETSTORM",
"id": "147769"
},
{
"date": "2018-08-07T13:13:13",
"db": "PACKETSTORM",
"id": "148853"
},
{
"date": "2018-08-03T20:22:22",
"db": "PACKETSTORM",
"id": "148818"
},
{
"date": "2018-05-23T06:59:24",
"db": "PACKETSTORM",
"id": "147749"
},
{
"date": "2018-05-30T19:50:22",
"db": "PACKETSTORM",
"id": "147938"
},
{
"date": "2018-10-31T01:14:01",
"db": "PACKETSTORM",
"id": "150079"
},
{
"date": "2018-05-23T07:09:47",
"db": "PACKETSTORM",
"id": "147779"
},
{
"date": "2018-07-25T14:02:22",
"db": "PACKETSTORM",
"id": "148695"
},
{
"date": "2018-05-22T12:29:00.250000",
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-19T00:00:00",
"db": "CERT/CC",
"id": "VU#180049"
},
{
"date": "2018-07-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-13391"
},
{
"date": "2020-09-02T00:00:00",
"db": "VULHUB",
"id": "VHN-133670"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133671"
},
{
"date": "2021-08-13T15:26:43.697000",
"db": "NVD",
"id": "CVE-2018-3639"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#180049"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bypass",
"sources": [
{
"db": "PACKETSTORM",
"id": "147759"
},
{
"db": "PACKETSTORM",
"id": "148322"
},
{
"db": "PACKETSTORM",
"id": "148751"
},
{
"db": "PACKETSTORM",
"id": "147930"
},
{
"db": "PACKETSTORM",
"id": "147769"
},
{
"db": "PACKETSTORM",
"id": "148853"
},
{
"db": "PACKETSTORM",
"id": "148818"
},
{
"db": "PACKETSTORM",
"id": "147749"
},
{
"db": "PACKETSTORM",
"id": "147938"
},
{
"db": "PACKETSTORM",
"id": "150079"
},
{
"db": "PACKETSTORM",
"id": "147779"
},
{
"db": "PACKETSTORM",
"id": "148695"
}
],
"trust": 1.2
}
}
VAR-202105-1431
Vulnerability from variot - Updated: 2024-07-23 21:28The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. IEEE 802.11 The standard has vulnerabilities related to lack of certification for critical functions.Information may be tampered with. A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. (CVE-2020-24586) A flaw was found in the Linux kernel's WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an malicious user to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality. (CVE-2020-24587) A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type. (CVE-2020-24588) Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP. (CVE-2020-26139) A vulnerability was found in Linux kernel's WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. (CVE-2020-26141) A flaw was found in ath10k_htt_rx_proc_rx_frag_ind_hl in drivers/net/wireless/ath/ath10k/htt_rx.c in the Linux kernel WiFi implementations, where it accepts a second (or subsequent) broadcast fragments even when sent in plaintext and then process them as full unfragmented frames. The highest threat from this vulnerability is to integrity. (CVE-2020-26145) A flaw was found in ieee80211_rx_h_defragment in net/mac80211/rx.c in the Linux Kernel's WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is used. The highest threat from this vulnerability is to integrity. (CVE-2020-26147) A flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem. (CVE-2020-26541) A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge. (CVE-2020-26558) A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-0129) A flaw was found in the Linux kernel's KVM implementation, where improper handing of the VM_IO|VM_PFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-22543) A flaw was found in the Linux kernel's handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-32399) A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface (HCI) in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. (CVE-2021-33034) The canbus filesystem in the Linux kernel contains an information leak of kernel memory to devices on the CAN bus network link layer. An attacker with the ability to dump messages on the CAN bus is able to learn of uninitialized stack values by dumbing messages on the can bus. (CVE-2021-34693) An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel. A bounds check failure allows a local malicious user to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-3506) A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. (CVE-2021-3564) A flaw use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-3573) A flaw was found in the Linux kernels NFC implementation, A NULL pointer dereference and BUG leading to a denial of service can be triggered by a local unprivileged user causing a kernel panic. (CVE-2021-38208). ========================================================================== Ubuntu Security Notice USN-4997-2 June 25, 2021
linux-kvm vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
Summary:
Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 21.04.
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. (CVE-2021-23134)
Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). An attacker could use this issue to possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3506)
Mathias Krause discovered that a null pointer dereference existed in the Nitro Enclaves kernel driver of the Linux kernel. (CVE-2021-3543)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04: linux-image-5.11.0-1009-kvm 5.11.0-1009.9 linux-image-kvm 5.11.0.1009.9
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-4997-2 https://ubuntu.com/security/notices/USN-4997-1 CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147, CVE-2021-23133, CVE-2021-23134, CVE-2021-31440, CVE-2021-31829, CVE-2021-32399, CVE-2021-33034, CVE-2021-33200, CVE-2021-3506, CVE-2021-3543, CVE-2021-3609
Package Information: https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1009.9
. Bugs fixed (https://bugzilla.redhat.com/):
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:4356-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4356 Issue date: 2021-11-09 CVE Names: CVE-2020-0427 CVE-2020-24502 CVE-2020-24503 CVE-2020-24504 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 CVE-2020-27777 CVE-2020-29368 CVE-2020-29660 CVE-2020-36158 CVE-2020-36386 CVE-2021-0129 CVE-2021-3348 CVE-2021-3489 CVE-2021-3564 CVE-2021-3573 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-3679 CVE-2021-3732 CVE-2021-20194 CVE-2021-20239 CVE-2021-23133 CVE-2021-28950 CVE-2021-28971 CVE-2021-29155 CVE-2021-29646 CVE-2021-29650 CVE-2021-31440 CVE-2021-31829 CVE-2021-31916 CVE-2021-33200 ==================================================================== 1.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64
Security Fix(es): * kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427) * kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502) * kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503) * kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504) * kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586) * kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587) * kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588) * kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139) * kernel: accepting plaintext data frames in protected networks (CVE-2020-26140) * kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141) * kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143) * kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144) * kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145) * kernel: powerpc: RTAS calls can be used to compromise kernel integrity (CVE-2020-27777) * kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660) * kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158) * kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386) * kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129) * kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c (CVE-2021-3348) * kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489) * kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564) * kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573) * kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600) * kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679) * kernel: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732) * kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194) * kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133) * kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950) * kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c (CVE-2021-28971) * kernel: protection can be bypassed to leak content of kernel memory (CVE-2021-29155) * kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c (CVE-2021-29646) * kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650) * kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440) * kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829) * kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200) * kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146) * kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147) * kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368) * kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 (CVE-2021-3635) * kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (CVE-2021-3659) * kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239) * kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)
- Solution:
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1509204 - dlm: Add ability to set SO_MARK on DLM sockets
1793880 - Unreliable RTC synchronization (11-minute mode)
1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10
1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity
1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check
1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free
1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value
1915825 - Allow falling back to genfscon labeling when the FS doesn't support xattrs and there is a fs_use_xattr rule for it
1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem.
1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c
1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure
1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers
1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers
1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers
1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with 'serverino' and 'cache=strict '
1939341 - CNB: net: add inline function skb_csum_is_sctp
1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode
1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c
1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c
1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c
1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del
1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
1953847 - [ethtool] The NLM_F_MULTI should be used for NLM_F_DUMP
1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps.
1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory
1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation
1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection
1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys
1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame
1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client
1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks
1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames
1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks
1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header
1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames
1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers
1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments
1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h
1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs
1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails
1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability.
1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls
1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl()
1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c
1971101 - ceph: potential data corruption in cephfs write_begin codepath
1972278 - libceph: allow addrvecs with a single NONE/blank address
1974627 - [TIPC] kernel BUG at lib/list_debug.c:31!
1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0]
1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c
1976679 - blk-mq: fix/improve io scheduler batching dispatch
1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00
1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50
1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116)
1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame
1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel
1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level
1977850 - geneve virtual devices lack the NETIF_F_FRAGLIST feature
1978369 - dm writecache: sync with upstream 5.14
1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?)
1979680 - Backport openvswitch tracepoints
1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod
1986138 - Lockd invalid cast to nlm_lockowner
1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty()
1989999 - ceph omnibus backport for RHEL-8.5.0
1991976 - block: fix New warning in nvme_setup_discard
1992700 - blk-mq: fix kernel panic when iterating over flush request
1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files
1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: kernel-4.18.0-348.el8.src.rpm
aarch64: bpftool-4.18.0-348.el8.aarch64.rpm bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-4.18.0-348.el8.aarch64.rpm kernel-core-4.18.0-348.el8.aarch64.rpm kernel-cross-headers-4.18.0-348.el8.aarch64.rpm kernel-debug-4.18.0-348.el8.aarch64.rpm kernel-debug-core-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-devel-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-devel-4.18.0-348.el8.aarch64.rpm kernel-headers-4.18.0-348.el8.aarch64.rpm kernel-modules-4.18.0-348.el8.aarch64.rpm kernel-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-tools-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-4.18.0-348.el8.aarch64.rpm perf-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm kernel-doc-4.18.0-348.el8.noarch.rpm
ppc64le: bpftool-4.18.0-348.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-4.18.0-348.el8.ppc64le.rpm kernel-core-4.18.0-348.el8.ppc64le.rpm kernel-cross-headers-4.18.0-348.el8.ppc64le.rpm kernel-debug-4.18.0-348.el8.ppc64le.rpm kernel-debug-core-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-devel-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-devel-4.18.0-348.el8.ppc64le.rpm kernel-headers-4.18.0-348.el8.ppc64le.rpm kernel-modules-4.18.0-348.el8.ppc64le.rpm kernel-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-tools-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-4.18.0-348.el8.ppc64le.rpm perf-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
s390x: bpftool-4.18.0-348.el8.s390x.rpm bpftool-debuginfo-4.18.0-348.el8.s390x.rpm kernel-4.18.0-348.el8.s390x.rpm kernel-core-4.18.0-348.el8.s390x.rpm kernel-cross-headers-4.18.0-348.el8.s390x.rpm kernel-debug-4.18.0-348.el8.s390x.rpm kernel-debug-core-4.18.0-348.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debug-devel-4.18.0-348.el8.s390x.rpm kernel-debug-modules-4.18.0-348.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm kernel-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm kernel-devel-4.18.0-348.el8.s390x.rpm kernel-headers-4.18.0-348.el8.s390x.rpm kernel-modules-4.18.0-348.el8.s390x.rpm kernel-modules-extra-4.18.0-348.el8.s390x.rpm kernel-tools-4.18.0-348.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm perf-4.18.0-348.el8.s390x.rpm perf-debuginfo-4.18.0-348.el8.s390x.rpm python3-perf-4.18.0-348.el8.s390x.rpm python3-perf-debuginfo-4.18.0-348.el8.s390x.rpm
x86_64: bpftool-4.18.0-348.el8.x86_64.rpm bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-4.18.0-348.el8.x86_64.rpm kernel-core-4.18.0-348.el8.x86_64.rpm kernel-cross-headers-4.18.0-348.el8.x86_64.rpm kernel-debug-4.18.0-348.el8.x86_64.rpm kernel-debug-core-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-devel-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-devel-4.18.0-348.el8.x86_64.rpm kernel-headers-4.18.0-348.el8.x86_64.rpm kernel-modules-4.18.0-348.el8.x86_64.rpm kernel-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-tools-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-4.18.0-348.el8.x86_64.rpm perf-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm
Red Hat Enterprise Linux CRB (v. 8):
aarch64: bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST FrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l bobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy SfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW HgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC DRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E lJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD Jhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK dQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8 zf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v 1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN +PuV5cms0sE=2UUA -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution:
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html
- Bugs fixed (https://bugzilla.redhat.com/):
1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment
- JIRA issues fixed (https://issues.jboss.org/):
LOG-1168 - Disable hostname verification in syslog TLS settings
LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd
LOG-1375 - ssl_ca_cert should be optional
LOG-1378 - CLO should support sasl_plaintext(Password over http)
LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate
LOG-1494 - Syslog output is serializing json incorrectly
LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server
LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing
LOG-1735 - Regression introducing flush_at_shutdown
LOG-1774 - The collector logs should be excluded in fluent.conf
LOG-1776 - fluentd total_limit_size sets value beyond available space
LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance
LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled
LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL
LOG-1903 - Fix the Display of ClusterLogging type in OLM
LOG-1911 - CLF API changes to Opt-in to multiline error detection
LOG-1918 - Alert FluentdNodeDown always firing
LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-1431",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "catalyst 9115axe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.10"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.12"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst 9105axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr42e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "c-120",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "aironet 1842",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1815",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "scalance w1748-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wam766-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "catalyst 9115axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "mac80211",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w1788-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "aironet 1800i",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9124",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex board 55",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex room 70 single",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1909"
},
{
"model": "killer wi-fi 6e ax1675",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.14.235"
},
{
"model": "meraki mr53e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex dx80",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w774-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "scalance w786-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst 9117",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9120",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9120axp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w788-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "1109-2p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w738-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "webex room 55",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset wi-fi 6 ax201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "c-230",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "scalance w786-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2004"
},
{
"model": "meraki mr45",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "c-110",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "catalyst 9117 ap",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mx67cw",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mx67w",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ac 9560",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ir829gw-lte-ga-ek9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9130axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1810",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w778-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w788-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "ir829-2lte-ea-bk9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr56",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "c-235",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "ir829gw-lte-ga-ck9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9115",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "w-118",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "aironet 1532",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9105axw",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9115 ap",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ir829gw-lte-na-ak9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.271"
},
{
"model": "webex room kit mini",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex dx70",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ir829gw-lte-vz-ak9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "webex room 55 dual",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "o-90",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "c-130",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "w-68",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "aironet 1542d",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1832",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "20h2"
},
{
"model": "c-100",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "proset ac 9560",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "c-75",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "meraki mr46e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr70",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1810w",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance wam766-1 6ghz",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "meraki mx65w",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset ac 8260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "catalyst 9130axe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset wi-fi 6e ax210",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ip phone 8861",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1852",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ac 8260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2004"
},
{
"model": "catalyst 9120axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ir829-2lte-ea-ak9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki gr10",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr76",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset ac 8265",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "webex room 70 dual g2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w734-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "ac 8265",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "scalance w1788-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "aironet iw3702",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex board 70",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance wam763-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "catalyst 9120axe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "c-260",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "802.11",
"scope": "eq",
"trust": 1.0,
"vendor": "ieee",
"version": "*"
},
{
"model": "catalyst 9130 ap",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset ac 3165",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.4"
},
{
"model": "webex room 70",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.0"
},
{
"model": "scalance wum763-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w761-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "meraki mx68w",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 8865",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9130",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9120 ap",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "1100-8p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ir829gw-lte-ga-zk9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 8832",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.4.124"
},
{
"model": "c-200",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "aironet 1815i",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex board 55s",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w721-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "meraki mx68cw",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset wireless 7265 \\",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "proset ac 9260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "scalance w748-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "meraki z3c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.14"
},
{
"model": "ir829gw-lte-ga-sk9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1800",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr86",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex room kit",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 9105",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.19"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.12.9"
},
{
"model": "proset ac 3168",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "meraki mr20",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki z3",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset wi-fi 6 ax200",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.0"
},
{
"model": "catalyst 9117axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.271"
},
{
"model": "ip phone 6861",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ac 9260",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "o-105",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "catalyst 9124axi",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex room 70 single g2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki gr60",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex board 70s",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "killer wi-fi 6 ax1650",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "1100",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 8821",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w786-2ia",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "wi-fi 6 ax201",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "catalyst 9124axd",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "c-65",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "meraki mr55",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "proset ac 9462",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.10.42"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "wi-fi 6 ax200",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "scalance wum766-1 6ghz",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "ir829-2lte-ea-ek9",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "killer ac 1550",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "proset ac 9461",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.19.193"
},
{
"model": "scalance w1788-2ia",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "1100-4p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex board 85s",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr46",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance wum766-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "c-250",
"scope": "eq",
"trust": 1.0,
"vendor": "arista",
"version": null
},
{
"model": "meraki mr44",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mx64w",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "meraki mr36",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "aironet ap803",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "1109-4p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "1101-4p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "aironet 1542i",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "webex room 70 dual",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "scalance w722-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "microsoft windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "802.11",
"scope": null,
"trust": 0.8,
"vendor": "ieee",
"version": null
},
{
"model": "microsoft windows 7",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "mac80211",
"scope": null,
"trust": 0.8,
"vendor": "linux",
"version": null
},
{
"model": "microsoft windows server 2016",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "microsoft windows 10",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "aterm",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "microsoft windows 8.1",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "microsoft windows server 2019",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "microsoft windows server 2008",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "nec ai accelerator",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "microsoft windows server 2012",
"scope": null,
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1748-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1748-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:eec_m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:eec_m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1788-2ia_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1788-2ia:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w721-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w721-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w722-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w722-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w734-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w734-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w738-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w738-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w748-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w748-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w761-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w761-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w774-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w774-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w778-1_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w778-1:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2_firmware:-:*:*:*:*:*:sfp:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2:-:*:*:*:*:*:sfp:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w786-2ia_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w786-2ia:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-1_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-1:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:m12_eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w788-2_firmware:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w788-2:-:*:*:*:*:*:rj45:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam763-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam763-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_firmware:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wam766-1_6ghz_firmware:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wam766-1_6ghz:-:*:*:*:*:*:eec:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum763-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum763-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum766-1_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum766-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_wum766-1_6ghz_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_wum766-1_6ghz:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-110_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-130_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-235_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-250_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:o-105_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:w-118_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1100-8p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1100-8p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1101-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1101-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1109-2p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1109-2p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:1109-4p_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:1109-4p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1532_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1532:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1542i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1800i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1810_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1810w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1815_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1815i_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1832_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1832:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1842_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1842:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_1852_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_1852:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_ap803_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_ap803:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:aironet_iw3702_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:aironet_iw3702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9117axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130_ap_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_6861_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_6861:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8821_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8832_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8832:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8861_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ip_phone_8865_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-bk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829-2lte-ea-ek9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-ck9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-ek9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-sk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-ga-zk9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-na-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ir829gw-lte-vz-ak9_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_gr10_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_gr10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_gr60_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_gr60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr12_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr20_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr20:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr26_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr26:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr30h_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr30h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr32_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr32:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr33_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr33:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr34_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr34:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr36_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr36:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr42_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr42:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr42e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr42e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr44_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr44:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr45_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr45:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr46_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr46:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr46e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr46e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr52_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr52:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr53_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr53:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr53e_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr53e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr56_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr56:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr62_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr62:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr66_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr66:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr72_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr72:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr74_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr74:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr76_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr76:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr84_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr84:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mr86_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mr86:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx65w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx65w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67cw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:meraki_z3c_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:meraki_z3c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_55s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_55s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_70s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_70s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_board_85s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_board_85s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_dx70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_dx70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_dx80_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_dx80:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_55_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_55:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_55_dual_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_55_dual:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_dual_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_dual:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_dual_g2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_dual_g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_single_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_single:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_70_single_g2_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_70_single_g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_kit_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_kit:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:webex_room_kit_mini_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:webex_room_kit_mini:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_8260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_8265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_9260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:ac_9560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_ac_1550_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_ac_1550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_wi-fi_6_ax1650_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:killer_wi-fi_6e_ax1675_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_3165_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_3165:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_3168_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_3168:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_8260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_8260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_8265_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_8265:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9260_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9260:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9461_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9461:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9462_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9462:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_ac_9560_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wi-fi_6e_ax210_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:proset_wireless_7265_\\(rev_d\\)_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:proset_wireless_7265_\\(rev_d\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax200_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:intel:wi-fi_6_ax201_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.14.235",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.19.193",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.4.124",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.10.42",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.12.9",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.9.271",
"versionStartIncluding": "4.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.271",
"versionStartIncluding": "4.4.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mitsubishi Electric reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
}
],
"trust": 0.6
},
"cve": "CVE-2020-24588",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-24588",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.1,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-24588",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-24588",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-633",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2020-24588",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. IEEE 802.11 The standard has vulnerabilities related to lack of certification for critical functions.Information may be tampered with. A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. (CVE-2020-24586)\nA flaw was found in the Linux kernel\u0027s WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an malicious user to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality. (CVE-2020-24587)\nA flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type. (CVE-2020-24588)\nFrames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP. (CVE-2020-26139)\nA vulnerability was found in Linux kernel\u0027s WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. (CVE-2020-26141)\nA flaw was found in ath10k_htt_rx_proc_rx_frag_ind_hl in drivers/net/wireless/ath/ath10k/htt_rx.c in the Linux kernel WiFi implementations, where it accepts a second (or subsequent) broadcast fragments even when sent in plaintext and then process them as full unfragmented frames. The highest threat from this vulnerability is to integrity. (CVE-2020-26145)\nA flaw was found in ieee80211_rx_h_defragment in net/mac80211/rx.c in the Linux Kernel\u0027s WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is used. The highest threat from this vulnerability is to integrity. (CVE-2020-26147)\nA flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem. (CVE-2020-26541)\nA vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge. (CVE-2020-26558)\nA flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-0129)\nA flaw was found in the Linux kernel\u0027s KVM implementation, where improper handing of the VM_IO|VM_PFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-22543)\nA flaw was found in the Linux kernel\u0027s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-32399)\nA use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface (HCI) in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. (CVE-2021-33034)\nThe canbus filesystem in the Linux kernel contains an information leak of kernel memory to devices on the CAN bus network link layer. An attacker with the ability to dump messages on the CAN bus is able to learn of uninitialized stack values by dumbing messages on the can bus. (CVE-2021-34693)\nAn out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel. A bounds check failure allows a local malicious user to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-3506)\nA flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. (CVE-2021-3564)\nA flaw use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-3573)\nA flaw was found in the Linux kernels NFC implementation, A NULL pointer dereference and BUG leading to a denial of service can be triggered by a local unprivileged user causing a kernel panic. (CVE-2021-38208). ==========================================================================\nUbuntu Security Notice USN-4997-2\nJune 25, 2021\n\nlinux-kvm vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.04\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \nThis update provides the corresponding updates for the Linux KVM\nkernel for Ubuntu 21.04. \n\nNorbert Slusarek discovered a race condition in the CAN BCM networking\nprotocol of the Linux kernel leading to multiple use-after-free\nvulnerabilities. A local attacker could use this issue to execute arbitrary\ncode. (CVE-2021-3609)\n\nPiotr Krysiuk discovered that the eBPF implementation in the Linux kernel\ndid not properly enforce limits for pointer operations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2021-33200)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation did\nnot properly clear received fragments from memory in some situations. A\nphysically proximate attacker could possibly use this issue to inject\npackets or expose sensitive information. A physically proximate attacker\ncould possibly use this issue to decrypt fragments. (CVE-2020-24587)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\nincorrectly handled certain malformed frames. If a user were tricked into\nconnecting to a malicious server, a physically proximate attacker could use\nthis issue to inject packets. (CVE-2020-24588)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\nincorrectly handled EAPOL frames from unauthenticated senders. A physically\nproximate attacker could inject malicious packets to cause a denial of\nservice (system crash). (CVE-2020-26139)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation did\nnot properly verify certain fragmented frames. A physically proximate\nattacker could possibly use this issue to inject or decrypt packets. A physically proximate\nattacker could use this issue to inject packets. (CVE-2020-26145)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation could\nreassemble mixed encrypted and plaintext fragments. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2021-23133)\n\nOr Cohen and Nadav Markus discovered a use-after-free vulnerability in the\nnfc implementation in the Linux kernel. (CVE-2021-23134)\n\nManfred Paul discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel contained an out-of-bounds\nvulnerability. A local attacker could use this issue to execute arbitrary\ncode. (CVE-2021-31440)\n\nPiotr Krysiuk discovered that the eBPF implementation in the Linux kernel\ndid not properly prevent speculative loads in certain situations. A local\nattacker could use this to expose sensitive information (kernel memory). An attacker could use this\nissue to possibly execute arbitrary code. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2021-3506)\n\nMathias Krause discovered that a null pointer dereference existed in the\nNitro Enclaves kernel driver of the Linux kernel. (CVE-2021-3543)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.04:\n linux-image-5.11.0-1009-kvm 5.11.0-1009.9\n linux-image-kvm 5.11.0.1009.9\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://ubuntu.com/security/notices/USN-4997-2\n https://ubuntu.com/security/notices/USN-4997-1\n CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139,\n CVE-2020-26141, CVE-2020-26145, CVE-2020-26147, CVE-2021-23133,\n CVE-2021-23134, CVE-2021-31440, CVE-2021-31829, CVE-2021-32399,\n CVE-2021-33034, CVE-2021-33200, CVE-2021-3506, CVE-2021-3543,\n CVE-2021-3609\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1009.9\n\n. Bugs fixed (https://bugzilla.redhat.com/):\n\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: kernel security, bug fix, and enhancement update\nAdvisory ID: RHSA-2021:4356-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:4356\nIssue date: 2021-11-09\nCVE Names: CVE-2020-0427 CVE-2020-24502 CVE-2020-24503\n CVE-2020-24504 CVE-2020-24586 CVE-2020-24587\n CVE-2020-24588 CVE-2020-26139 CVE-2020-26140\n CVE-2020-26141 CVE-2020-26143 CVE-2020-26144\n CVE-2020-26145 CVE-2020-26146 CVE-2020-26147\n CVE-2020-27777 CVE-2020-29368 CVE-2020-29660\n CVE-2020-36158 CVE-2020-36386 CVE-2021-0129\n CVE-2021-3348 CVE-2021-3489 CVE-2021-3564\n CVE-2021-3573 CVE-2021-3600 CVE-2021-3635\n CVE-2021-3659 CVE-2021-3679 CVE-2021-3732\n CVE-2021-20194 CVE-2021-20239 CVE-2021-23133\n CVE-2021-28950 CVE-2021-28971 CVE-2021-29155\n CVE-2021-29646 CVE-2021-29650 CVE-2021-31440\n CVE-2021-31829 CVE-2021-31916 CVE-2021-33200\n====================================================================\n1. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64\n\n3. \n\nSecurity Fix(es):\n* kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427)\n* kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter\ndrivers (CVE-2020-24502)\n* kernel: Insufficient access control in some Intel(R) Ethernet E810\nAdapter drivers (CVE-2020-24503)\n* kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810\nAdapter drivers (CVE-2020-24504)\n* kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586)\n* kernel: Reassembling fragments encrypted under different keys\n(CVE-2020-24587)\n* kernel: wifi frame payload being parsed incorrectly as an L2 frame\n(CVE-2020-24588)\n* kernel: Forwarding EAPOL from unauthenticated wifi client\n(CVE-2020-26139)\n* kernel: accepting plaintext data frames in protected networks\n(CVE-2020-26140)\n* kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141)\n* kernel: accepting fragmented plaintext frames in protected networks\n(CVE-2020-26143)\n* kernel: accepting unencrypted A-MSDU frames that start with RFC1042\nheader (CVE-2020-26144)\n* kernel: accepting plaintext broadcast fragments as full frames\n(CVE-2020-26145)\n* kernel: powerpc: RTAS calls can be used to compromise kernel integrity\n(CVE-2020-27777)\n* kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a\nread-after-free (CVE-2020-29660)\n* kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a\nlong SSID value (CVE-2020-36158)\n* kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt()\n(CVE-2020-36386)\n* kernel: Improper access control in BlueZ may allow information disclosure\nvulnerability. (CVE-2021-0129)\n* kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c\n(CVE-2021-3348)\n* kernel: Linux kernel eBPF RINGBUF map oversized allocation\n(CVE-2021-3489)\n* kernel: double free in bluetooth subsystem when the HCI device\ninitialization fails (CVE-2021-3564)\n* kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573)\n* kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600)\n* kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679)\n* kernel: Mounting overlayfs inside an unprivileged user namespace can\nreveal files (CVE-2021-3732)\n* kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()\n(CVE-2021-20194)\n* kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133)\n* kernel: fuse: stall on CPU can occur because a retry loop continually\nfinds the same bad inode (CVE-2021-28950)\n* kernel: System crash in intel_pmu_drain_pebs_nhm in\narch/x86/events/intel/ds.c (CVE-2021-28971)\n* kernel: protection can be bypassed to leak content of kernel memory\n(CVE-2021-29155)\n* kernel: improper input validation in tipc_nl_retrieve_key function in\nnet/tipc/node.c (CVE-2021-29646)\n* kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650)\n* kernel: local escalation of privileges in handling of eBPF programs\n(CVE-2021-31440)\n* kernel: protection of stack pointer against speculative pointer\narithmetic can be bypassed to leak content of kernel memory\n(CVE-2021-31829)\n* kernel: out-of-bounds reads and writes due to enforcing incorrect limits\nfor pointer arithmetic operations by BPF verifier (CVE-2021-33200)\n* kernel: reassembling encrypted fragments with non-consecutive packet\nnumbers (CVE-2020-26146)\n* kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147)\n* kernel: the copy-on-write implementation can grant unintended write\naccess because of a race condition in a THP mapcount check (CVE-2020-29368)\n* kernel: flowtable list del corruption with kernel BUG at\nlib/list_debug.c:50 (CVE-2021-3635)\n* kernel: NULL pointer dereference in llsec_key_alloc() in\nnet/mac802154/llsec.c (CVE-2021-3659)\n* kernel: setsockopt System Call Untrusted Pointer Dereference Information\nDisclosure (CVE-2021-20239)\n* kernel: out of bounds array access in drivers/md/dm-ioctl.c\n(CVE-2021-31916)\n\n4. Solution:\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.5 Release Notes linked from the References section. \n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1509204 - dlm: Add ability to set SO_MARK on DLM sockets\n1793880 - Unreliable RTC synchronization (11-minute mode)\n1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10\n1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity\n1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check\n1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free\n1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()\n1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value\n1915825 - Allow falling back to genfscon labeling when the FS doesn\u0027t support xattrs and there is a fs_use_xattr rule for it\n1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem. \n1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c\n1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure\n1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers\n1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers\n1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers\n1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with \u0027serverino\u0027 and \u0027cache=strict \u0027\n1939341 - CNB: net: add inline function skb_csum_is_sctp\n1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode\n1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c\n1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c\n1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS\n1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c\n1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del\n1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory\n1953847 - [ethtool] The `NLM_F_MULTI` should be used for `NLM_F_DUMP`\n1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. \n1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory\n1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation\n1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection\n1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys\n1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame\n1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client\n1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks\n1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames\n1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks\n1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header\n1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames\n1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers\n1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments\n1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h\n1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs\n1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails\n1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability. \n1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls\n1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier\n1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl()\n1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c\n1971101 - ceph: potential data corruption in cephfs write_begin codepath\n1972278 - libceph: allow addrvecs with a single NONE/blank address\n1974627 - [TIPC] kernel BUG at lib/list_debug.c:31!\n1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0]\n1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c\n1976679 - blk-mq: fix/improve io scheduler batching dispatch\n1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00\n1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50\n1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116)\n1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame\n1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel\n1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level\n1977850 - geneve virtual devices lack the NETIF_F_FRAGLIST feature\n1978369 - dm writecache: sync with upstream 5.14\n1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?)\n1979680 - Backport openvswitch tracepoints\n1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod\n1986138 - Lockd invalid cast to nlm_lockowner\n1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty()\n1989999 - ceph omnibus backport for RHEL-8.5.0\n1991976 - block: fix New warning in nvme_setup_discard\n1992700 - blk-mq: fix kernel panic when iterating over flush request\n1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files\n1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nkernel-4.18.0-348.el8.src.rpm\n\naarch64:\nbpftool-4.18.0-348.el8.aarch64.rpm\nbpftool-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-4.18.0-348.el8.aarch64.rpm\nkernel-core-4.18.0-348.el8.aarch64.rpm\nkernel-cross-headers-4.18.0-348.el8.aarch64.rpm\nkernel-debug-4.18.0-348.el8.aarch64.rpm\nkernel-debug-core-4.18.0-348.el8.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debug-devel-4.18.0-348.el8.aarch64.rpm\nkernel-debug-modules-4.18.0-348.el8.aarch64.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm\nkernel-devel-4.18.0-348.el8.aarch64.rpm\nkernel-headers-4.18.0-348.el8.aarch64.rpm\nkernel-modules-4.18.0-348.el8.aarch64.rpm\nkernel-modules-extra-4.18.0-348.el8.aarch64.rpm\nkernel-tools-4.18.0-348.el8.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-tools-libs-4.18.0-348.el8.aarch64.rpm\nperf-4.18.0-348.el8.aarch64.rpm\nperf-debuginfo-4.18.0-348.el8.aarch64.rpm\npython3-perf-4.18.0-348.el8.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm\n\nnoarch:\nkernel-abi-stablelists-4.18.0-348.el8.noarch.rpm\nkernel-doc-4.18.0-348.el8.noarch.rpm\n\nppc64le:\nbpftool-4.18.0-348.el8.ppc64le.rpm\nbpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-4.18.0-348.el8.ppc64le.rpm\nkernel-core-4.18.0-348.el8.ppc64le.rpm\nkernel-cross-headers-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-core-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-devel-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-modules-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm\nkernel-devel-4.18.0-348.el8.ppc64le.rpm\nkernel-headers-4.18.0-348.el8.ppc64le.rpm\nkernel-modules-4.18.0-348.el8.ppc64le.rpm\nkernel-modules-extra-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-libs-4.18.0-348.el8.ppc64le.rpm\nperf-4.18.0-348.el8.ppc64le.rpm\nperf-debuginfo-4.18.0-348.el8.ppc64le.rpm\npython3-perf-4.18.0-348.el8.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm\n\ns390x:\nbpftool-4.18.0-348.el8.s390x.rpm\nbpftool-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-4.18.0-348.el8.s390x.rpm\nkernel-core-4.18.0-348.el8.s390x.rpm\nkernel-cross-headers-4.18.0-348.el8.s390x.rpm\nkernel-debug-4.18.0-348.el8.s390x.rpm\nkernel-debug-core-4.18.0-348.el8.s390x.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-debug-devel-4.18.0-348.el8.s390x.rpm\nkernel-debug-modules-4.18.0-348.el8.s390x.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm\nkernel-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm\nkernel-devel-4.18.0-348.el8.s390x.rpm\nkernel-headers-4.18.0-348.el8.s390x.rpm\nkernel-modules-4.18.0-348.el8.s390x.rpm\nkernel-modules-extra-4.18.0-348.el8.s390x.rpm\nkernel-tools-4.18.0-348.el8.s390x.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm\nkernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm\nperf-4.18.0-348.el8.s390x.rpm\nperf-debuginfo-4.18.0-348.el8.s390x.rpm\npython3-perf-4.18.0-348.el8.s390x.rpm\npython3-perf-debuginfo-4.18.0-348.el8.s390x.rpm\n\nx86_64:\nbpftool-4.18.0-348.el8.x86_64.rpm\nbpftool-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-4.18.0-348.el8.x86_64.rpm\nkernel-core-4.18.0-348.el8.x86_64.rpm\nkernel-cross-headers-4.18.0-348.el8.x86_64.rpm\nkernel-debug-4.18.0-348.el8.x86_64.rpm\nkernel-debug-core-4.18.0-348.el8.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debug-devel-4.18.0-348.el8.x86_64.rpm\nkernel-debug-modules-4.18.0-348.el8.x86_64.rpm\nkernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm\nkernel-devel-4.18.0-348.el8.x86_64.rpm\nkernel-headers-4.18.0-348.el8.x86_64.rpm\nkernel-modules-4.18.0-348.el8.x86_64.rpm\nkernel-modules-extra-4.18.0-348.el8.x86_64.rpm\nkernel-tools-4.18.0-348.el8.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-tools-libs-4.18.0-348.el8.x86_64.rpm\nperf-4.18.0-348.el8.x86_64.rpm\nperf-debuginfo-4.18.0-348.el8.x86_64.rpm\npython3-perf-4.18.0-348.el8.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm\n\nRed Hat Enterprise Linux CRB (v. 8):\n\naarch64:\nbpftool-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm\nperf-debuginfo-4.18.0-348.el8.aarch64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm\n\nppc64le:\nbpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm\nperf-debuginfo-4.18.0-348.el8.ppc64le.rpm\npython3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm\nkernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm\nkernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm\nperf-debuginfo-4.18.0-348.el8.x86_64.rpm\npython3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST\nFrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l\nbobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy\nSfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW\nHgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC\nDRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E\nlJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD\nJhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK\ndQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8\nzf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v\n1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN\n+PuV5cms0sE=2UUA\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nFor OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1168 - Disable hostname verification in syslog TLS settings\nLOG-1235 - Using HTTPS without a secret does not translate into the correct \u0027scheme\u0027 value in Fluentd\nLOG-1375 - ssl_ca_cert should be optional\nLOG-1378 - CLO should support sasl_plaintext(Password over http)\nLOG-1392 - In fluentd config, flush_interval can\u0027t be set with flush_mode=immediate\nLOG-1494 - Syslog output is serializing json incorrectly\nLOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server\nLOG-1575 - Rejected by Elasticsearch and unexpected json-parsing\nLOG-1735 - Regression introducing flush_at_shutdown \nLOG-1774 - The collector logs should be excluded in fluent.conf\nLOG-1776 - fluentd total_limit_size sets value beyond available space\nLOG-1822 - OpenShift Alerting Rules Style-Guide Compliance\nLOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled\nLOG-1862 - Unsupported kafka parameters when enabled Kafka SASL\nLOG-1903 - Fix the Display of ClusterLogging type in OLM\nLOG-1911 - CLF API changes to Opt-in to multiline error detection\nLOG-1918 - Alert `FluentdNodeDown` always firing \nLOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "PACKETSTORM",
"id": "163251"
},
{
"db": "PACKETSTORM",
"id": "163291"
},
{
"db": "PACKETSTORM",
"id": "163301"
},
{
"db": "PACKETSTORM",
"id": "163249"
},
{
"db": "PACKETSTORM",
"id": "165296"
},
{
"db": "PACKETSTORM",
"id": "164837"
},
{
"db": "PACKETSTORM",
"id": "164967"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-24588",
"trust": 4.0
},
{
"db": "SIEMENS",
"id": "SSA-913875",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/05/11/12",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU93485736",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-22-102-04",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163291",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163249",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.2409",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2876",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2509",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3825",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2079",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2290",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.0995",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2249",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4254",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1587",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2368",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.0845",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3905",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1715",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2136",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2216",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1628",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051814",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051920",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051715",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022041319",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031521",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051227",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021100407",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051118",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "164875",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-104-04",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-236-01",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-57316",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-61212",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-24588",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163251",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163301",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165296",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "164837",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "164967",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "PACKETSTORM",
"id": "163251"
},
{
"db": "PACKETSTORM",
"id": "163291"
},
{
"db": "PACKETSTORM",
"id": "163301"
},
{
"db": "PACKETSTORM",
"id": "163249"
},
{
"db": "PACKETSTORM",
"id": "165296"
},
{
"db": "PACKETSTORM",
"id": "164837"
},
{
"db": "PACKETSTORM",
"id": "164967"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"id": "VAR-202105-1431",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.37675563
},
"last_update_date": "2024-07-23T21:28:26.944000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "top page NEC NEC Product security information",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"title": "Microsoft Windows Wireless Networking Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=151563"
},
{
"title": "Red Hat: CVE-2020-24588",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2020-24588"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-24588 log"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.4-2022-004",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2kernel-5.4-2022-004"
},
{
"title": "Cisco: Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-wifi-faf-22epcewu"
},
{
"title": "Amazon Linux 2: ALAS2KERNEL-5.10-2022-002",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2kernel-5.10-2022-002"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2020-24588 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kali973/fragattacks "
},
{
"title": "fragattacks",
"trust": 0.1,
"url": "https://github.com/vanhoefm/fragattacks "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-wifi-faf-22epcewu"
},
{
"trust": 1.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24588"
},
{
"trust": 1.7,
"url": "https://www.fragattacks.com"
},
{
"trust": 1.7,
"url": "https://github.com/vanhoefm/fragattacks/blob/master/summary.md"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"trust": 1.7,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"trust": 1.7,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/security/cve/cve-2020-24588"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu93485736/"
},
{
"trust": 0.6,
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-61212"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051227"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051920"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2216"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2876"
},
{
"trust": 0.6,
"url": "https://source.android.com/security/bulletin/2021-10-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.0995"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1628"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3825"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-104-04"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-102-04"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2368"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021100407"
},
{
"trust": 0.6,
"url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2020-24588"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-236-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.0845"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051715"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051814"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/wi-fi-devices-multiple-vulnerabilities-via-fragattacks-35386"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2509"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051118"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163291/ubuntu-security-notice-usn-5000-2.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164875/red-hat-security-advisory-2021-4140-02.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2249"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2409"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022041319"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163249/ubuntu-security-notice-usn-4997-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1587"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-57316"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2136"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4254"
},
{
"trust": 0.6,
"url": "https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202111-0000001218088197"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2079"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2290"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210513-01-fragattacks-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1715"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031521"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26147"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24586"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26145"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23133"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24587"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26141"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26139"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33200"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3609"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31829"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31440"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23134"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33034"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3506"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32399"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24504"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-27777"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-20239"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-36158"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3635"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-36386"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0427"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24586"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3348"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26140"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26146"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-31440"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3732"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-0129"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24502"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3564"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-0427"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-23133"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26144"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3679"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-29368"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-29646"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-29155"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3489"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-29660"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26139"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-28971"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26143"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3600"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26145"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-33200"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-29650"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-20194"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26147"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-31916"
},
{
"trust": 0.3,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24503"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24502"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-31829"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3573"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-26141"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-28950"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24587"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24503"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3659"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3543"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-4997-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3200"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35448"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-25013"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20284"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25012"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35522"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35524"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20673"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27645"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-33574"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3487"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13435"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5827"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24370"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14145"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13751"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10001"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-25014"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19603"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-25012"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35521"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-35942"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17594"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36312"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3572"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12762"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-36086"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3778"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-22898"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-16135"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-36084"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-17541"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3800"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-36087"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36331"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-31535"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23841"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14615"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3445"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-22925"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-20673"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23840"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36330"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-33033"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20232"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20266"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20838"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-22876"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20231"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36332"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14155"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17541"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10001"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-36085"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14615"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-33560"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-17595"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3481"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-42574"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-25009"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-25010"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35523"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-28153"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-13750"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20197"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3426"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-18218"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3580"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3796"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2020-24588"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-04"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/al2/alaskernel-5.4-2022-004.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1033.34~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1036.38~20.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25670"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1029.32"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1035.37"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.8.0-59.66"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29155"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1038.40"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1036.38"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25673"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-59.66~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1030.32"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1035.37~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1038.40~20.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-4999-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1033.34"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5000-2"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5000-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1041.42"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1009.9"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-4997-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.11.0-1010.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.11.0-1011.11"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.11.0-1012.13"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.11.0-1011.12"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.11.0-1009.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.11.0-22.23"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43527"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-44228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5137"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26144"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24504"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20239"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0129"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28950"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26143"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4356"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-28971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-26146"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4627"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "PACKETSTORM",
"id": "163251"
},
{
"db": "PACKETSTORM",
"id": "163291"
},
{
"db": "PACKETSTORM",
"id": "163301"
},
{
"db": "PACKETSTORM",
"id": "163249"
},
{
"db": "PACKETSTORM",
"id": "165296"
},
{
"db": "PACKETSTORM",
"id": "164837"
},
{
"db": "PACKETSTORM",
"id": "164967"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"db": "PACKETSTORM",
"id": "163251"
},
{
"db": "PACKETSTORM",
"id": "163291"
},
{
"db": "PACKETSTORM",
"id": "163301"
},
{
"db": "PACKETSTORM",
"id": "163249"
},
{
"db": "PACKETSTORM",
"id": "165296"
},
{
"db": "PACKETSTORM",
"id": "164837"
},
{
"db": "PACKETSTORM",
"id": "164967"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"date": "2022-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"date": "2021-06-23T15:35:21",
"db": "PACKETSTORM",
"id": "163251"
},
{
"date": "2021-06-27T12:22:22",
"db": "PACKETSTORM",
"id": "163291"
},
{
"date": "2021-06-28T16:22:26",
"db": "PACKETSTORM",
"id": "163301"
},
{
"date": "2021-06-23T15:33:13",
"db": "PACKETSTORM",
"id": "163249"
},
{
"date": "2021-12-15T15:27:05",
"db": "PACKETSTORM",
"id": "165296"
},
{
"date": "2021-11-10T17:04:39",
"db": "PACKETSTORM",
"id": "164837"
},
{
"date": "2021-11-15T17:25:56",
"db": "PACKETSTORM",
"id": "164967"
},
{
"date": "2021-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"date": "2021-05-11T20:15:08.613000",
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-04-01T00:00:00",
"db": "VULMON",
"id": "CVE-2020-24588"
},
{
"date": "2024-02-27T02:33:00",
"db": "JVNDB",
"id": "JVNDB-2021-006877"
},
{
"date": "2023-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-633"
},
{
"date": "2023-04-01T22:15:08.467000",
"db": "NVD",
"id": "CVE-2020-24588"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IEEE\u00a0802.11\u00a0 Vulnerabilities related to lack of certification for critical functions in standards",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006877"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-633"
}
],
"trust": 0.6
}
}
VAR-202006-0391
Vulnerability from variot - Updated: 2024-07-23 21:20The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality. The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide automatic discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification. Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted. A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned CVE-2020-12695 and is also known as Call Stranger. Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a recent Shodan scan. A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the the Internet can pose further security vulnerabilities than the one described in this vulnerability note. Open Connectivity Foundation UPnP There is a vulnerability in the specification regarding improper default permissions.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A security vulnerability exists in UPnP versions prior to 2020-04-17. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: gssdp and gupnp security update Advisory ID: RHSA-2021:1789-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1789 Issue date: 2021-05-18 CVE Names: CVE-2020-12695 ==================================================================== 1. Summary:
An update for gssdp and gupnp is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
GUPnP is an object-oriented open source framework for creating UPnP devices and control points, written in C using GObject and libsoup. The GUPnP API is intended to be easy to use, efficient and flexible.
GSSDP implements resource discovery and announcement over SSDP and is part of gUPnP.
The following packages have been upgraded to a later upstream version: gssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928)
Security Fix(es):
- hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1846006 - CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: gssdp-1.0.5-1.el8.src.rpm gupnp-1.0.6-1.el8.src.rpm
aarch64: gssdp-1.0.5-1.el8.aarch64.rpm gssdp-debuginfo-1.0.5-1.el8.aarch64.rpm gssdp-debugsource-1.0.5-1.el8.aarch64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm gupnp-1.0.6-1.el8.aarch64.rpm gupnp-debuginfo-1.0.6-1.el8.aarch64.rpm gupnp-debugsource-1.0.6-1.el8.aarch64.rpm
ppc64le: gssdp-1.0.5-1.el8.ppc64le.rpm gssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm gssdp-debugsource-1.0.5-1.el8.ppc64le.rpm gssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm gupnp-1.0.6-1.el8.ppc64le.rpm gupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm gupnp-debugsource-1.0.6-1.el8.ppc64le.rpm
s390x: gssdp-1.0.5-1.el8.s390x.rpm gssdp-debuginfo-1.0.5-1.el8.s390x.rpm gssdp-debugsource-1.0.5-1.el8.s390x.rpm gssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm gupnp-1.0.6-1.el8.s390x.rpm gupnp-debuginfo-1.0.6-1.el8.s390x.rpm gupnp-debugsource-1.0.6-1.el8.s390x.rpm
x86_64: gssdp-1.0.5-1.el8.i686.rpm gssdp-1.0.5-1.el8.x86_64.rpm gssdp-debuginfo-1.0.5-1.el8.i686.rpm gssdp-debuginfo-1.0.5-1.el8.x86_64.rpm gssdp-debugsource-1.0.5-1.el8.i686.rpm gssdp-debugsource-1.0.5-1.el8.x86_64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm gssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm gupnp-1.0.6-1.el8.i686.rpm gupnp-1.0.6-1.el8.x86_64.rpm gupnp-debuginfo-1.0.6-1.el8.i686.rpm gupnp-debuginfo-1.0.6-1.el8.x86_64.rpm gupnp-debugsource-1.0.6-1.el8.i686.rpm gupnp-debugsource-1.0.6-1.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: gssdp-debuginfo-1.0.5-1.el8.aarch64.rpm gssdp-debugsource-1.0.5-1.el8.aarch64.rpm gssdp-devel-1.0.5-1.el8.aarch64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm gupnp-debuginfo-1.0.6-1.el8.aarch64.rpm gupnp-debugsource-1.0.6-1.el8.aarch64.rpm gupnp-devel-1.0.6-1.el8.aarch64.rpm
noarch: gssdp-docs-1.0.5-1.el8.noarch.rpm
ppc64le: gssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm gssdp-debugsource-1.0.5-1.el8.ppc64le.rpm gssdp-devel-1.0.5-1.el8.ppc64le.rpm gssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm gupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm gupnp-debugsource-1.0.6-1.el8.ppc64le.rpm gupnp-devel-1.0.6-1.el8.ppc64le.rpm
s390x: gssdp-debuginfo-1.0.5-1.el8.s390x.rpm gssdp-debugsource-1.0.5-1.el8.s390x.rpm gssdp-devel-1.0.5-1.el8.s390x.rpm gssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm gupnp-debuginfo-1.0.6-1.el8.s390x.rpm gupnp-debugsource-1.0.6-1.el8.s390x.rpm gupnp-devel-1.0.6-1.el8.s390x.rpm
x86_64: gssdp-debuginfo-1.0.5-1.el8.i686.rpm gssdp-debuginfo-1.0.5-1.el8.x86_64.rpm gssdp-debugsource-1.0.5-1.el8.i686.rpm gssdp-debugsource-1.0.5-1.el8.x86_64.rpm gssdp-devel-1.0.5-1.el8.i686.rpm gssdp-devel-1.0.5-1.el8.x86_64.rpm gssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm gssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm gupnp-debuginfo-1.0.6-1.el8.i686.rpm gupnp-debuginfo-1.0.6-1.el8.x86_64.rpm gupnp-debugsource-1.0.6-1.el8.i686.rpm gupnp-debugsource-1.0.6-1.el8.x86_64.rpm gupnp-devel-1.0.6-1.el8.i686.rpm gupnp-devel-1.0.6-1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-12695 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYKPxUtzjgjWX9erEAQhZhw//Ypgq/0qu2SS/hw8alPmqQ6CG5C/xOqF6 uJL5HVQ+KPu8Go+UifB3xP3Izm9GYh9aNpcR3bPTx3NsfJdQyzPNSo8O2bC3mUBl Lw6Bh++uhaNx3ADaKfceEG5teXbkwAadSft0W7j9jiY70qjVWfvqKjzBS3UyOL/P ++SdPU96uOX9nAkeT3wqirWjXDjUMJLao6AvRtXOXJ2MNwJp436S/KemSkMq2Mg7 izSYf7Biojg5SMNM4rsFBSnIqmehomfsVFetttHImCfTYteTfddti42gMelZyG8k MK4CJw1DeR1e30teWaHnoVa9xAPJMKx56RG3/Wr+6Y5nK0rFZoZuMiJn2b7KodcH fYbfxkwrQQ/R9bYZn03YgCz4zl/hetsoITKFHcsPNB9qtdRdtQhYzeOG+AyiawWh YtF3vlomMlaxuOZV9zTJUIWZX/ev6wWx8VsXuHKMBwtBxO7l3M0Hd+BOxRPVE/mu m+DBcBQp7fvaw55tCAQtHS3CKvgGYijDvOFHBOkQw5Zh9ttdfLlKo4H4NU0W4dLN HJWuKGelB2vGc0eoqZ7yCi2xuWBYxjDIoYGzlwPJSnrrguqeLfOKVykja8AYpIET V/XCUk/geIiEbSRwAR8EPXDpTLLicGrR6pbekpMfALm/GGc5I4RyA9AbVNJ9fF+a 7bb2GlcOcWo=2GSN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2020-12695)
It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. ========================================================================= Ubuntu Security Notice USN-4734-2 February 16, 2021
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in wpa_supplicant and hostapd.
Software Description: - wpa: client support for WPA and WPA2
Details:
USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM.
It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)
It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: hostapd 1:2.1-0ubuntu1.7+esm3 wpasupplicant 2.1-0ubuntu1.7+esm3
After a standard system update you need to reboot your computer to make all the necessary changes.
For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u3.
We recommend that you upgrade your wpa packages.
For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpa
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCBxcZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QRbw//chJxW9vhszfe/MrHkuEBC/y0jzkQ0GxJG/DT+EXvHnq8KyVht92B81sU Ia860UeNygOY1vAe8izNVpxPEi1PpI7Y6VfvqcWC5dMFNEmOk8yMzJXPDYtwrO3b q7Fq6MJys6HTooIInCVjdwVTmvVfocEiOl2Oy+smBE8ylkUPIShJj+UsnBR3qMCB 9IoxgeFsHl4HpRzsC1uiTMmNPUqqychqzyn26aA+Vp5nfPkvpsSc6aA68BBUm529 5udANpQneYrsQ+EKMm2wQmw9xNWbrqzRUCmi/XGxJ5YEibOjMLZeBMWq35MRQKDS BaaEPbjPMbBP7p6yp795pdt/XgNL1cJPejEBBQWPs3PrRuW/inhjJbSvenPl5AIB wOV8OzoxDw0m5DdYr2IuYRNu3zt743e/v5oDhDOiSteBl7zjs4cUohfOryaH/htN 7Ok3BbhfVc7xfW/XhXNq2axXPGDdSOI3Y6ZXPgiTlX3eIm8Culg7Rm52JprbAc0a aP0pkGjHO3MAIsvRU/H7WGJbhCdS0i/XTAbuJming5zzCpigGaQG9wOawYH4lNJV BNEX/DjjcsZ4oETxWn0sG/LVIl3m2TCry2cayZsy8806nTqlhFS2py5tx6gn5NBi e5JGaYRgwa6TUxj4UjWnbdIKMpElbtXbMIOHSvG2Gnx/21siyg0= =CU/j -----END PGP SIGNATURE----- . In addition minidlna was susceptible to the "CallStranger" UPnP vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "envy photo 7100 z3m52a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "deskjet ink advantage 4538 f0v66b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 7640",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy pro 6452 5se47a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "5020 z4a69a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 6055 5se16a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6232 k7g26b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 110 cq809c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 120 cz022c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4500 a9t80a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4525 k9t09b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5541 k7g89a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6222 y0k13d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4516 k9h52a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy pro 6420 5se45b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5646 f8b05a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4505 a9t86a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4652 k9v84b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4652 f1j02a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 6540 b9s59a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 3545 a9t81a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "xp-702",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 4507 e6g70b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7100 k7g93a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4508 e6g72b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4520 e6g67b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 111 cq810a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6234 k7s21b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7800 k7r96a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 7645 e4w44a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4675 f1h97c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4652 f1j05b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-960",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "dvg-n5412sp",
"scope": "eq",
"trust": 1.0,
"vendor": "dlink",
"version": null
},
{
"model": "5034 z4a74a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6200 k7g26b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4656 k9v81b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5540 f2e72a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4503 e6g71b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4518",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 100 cn517a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5000 m2u91a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5543 n9u88a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 7644 e4w46a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6200 y0k15a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "adsl",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"model": "envy 6052 5se18a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7100 z3m37a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 3548 a9t81b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5000 z4a74a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4522 f0v67a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4535 f0v64b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 100 cn519a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4520 f0v63b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7155 z3m52a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6200 k7g18a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 114 cq811b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5664 f8b08a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "hg532e",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "envy 4523 j6u60b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "amg1202-t10b",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "envy 5020 m2u91b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 110 cq809b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7800 k7s00a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5542 k7c88a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4657 v6d29b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "hg255s",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "envy 4500 a9t80b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4521 k9t10b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4515",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4675 f1h97b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7164 k7g99a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5540 g0v52a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4512 k9h49a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-320",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 6020 5se17a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-2101",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 100 cn517b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-241",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "deskjet ink advantage 3456 a9t84c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4500 d3p93a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "5030 z4a70a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 100 cn517c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5540 g0v53a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "wap351",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "envy 5534",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "5660 f8b04a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-620",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "deskjet ink advantage 3545 a9t81c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4520 f0v69a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4501 c8d05a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5535",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6222 y0k14d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4511 k9h50a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ep-101",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "deskjet ink advantage 4675 f1h97a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5642 b9s64a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "zxv10 w300",
"scope": "eq",
"trust": 1.0,
"vendor": "zte",
"version": null
},
{
"model": "envy 5540 g0v47a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4500 a9t89a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4509 d3p94b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5539",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7800 y0g52b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 3545 a9t83b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4650 e6g87a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7120 z3m41d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4676 f1h98a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4524 f0v72b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 120 cz022a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 110 cq809d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "wr8165n",
"scope": "eq",
"trust": 1.0,
"vendor": "nec",
"version": null
},
{
"model": "envy 110 cq812c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 5575 g0v48b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4655 k9v79a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4654 f1j06b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 120 cz022b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "wap150",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "envy 5640 b9s56a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4504 a9t88b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-330",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy pro 6420 6wd16a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4520 f0v63a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4526 k9t05b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4650 f1h96a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4502 a9t87b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4650 f1h96b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy pro 6455 5se45a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7822 y0g43d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-4105",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "selphy cp1200",
"scope": "eq",
"trust": 1.0,
"vendor": "canon",
"version": null
},
{
"model": "xp-100",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 5643 b9s63a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4535 f0v64a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4655 f1j00a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 110 cq809a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "archer c50",
"scope": "eq",
"trust": 1.0,
"vendor": "tp link",
"version": null
},
{
"model": "envy photo 6220 k7g20d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-8600",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "wnhde111",
"scope": "eq",
"trust": 1.0,
"vendor": "netgear",
"version": null
},
{
"model": "officejet 4654 f1j07b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-2105",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 5531",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6200 k7s21b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4524 k9t01a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "envy 5544 k7c93a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "hostapd",
"scope": "lt",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0.0"
},
{
"model": "officejet 4655 k9v82b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-340",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "envy 4524 f0v71b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7100 3xd89a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4528 k9t08b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5530",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-440",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy photo 6200 y0k13d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6230 k7g25b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 114 cq812a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4536 f0v65a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4502 a9t85a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5548 k7g87a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ew-m970a3t",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 5000 m2u94b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 6020 6wd35a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "officejet 4658 v6d30b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 100 cn519b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "rt-n11",
"scope": "eq",
"trust": 1.0,
"vendor": "asus",
"version": null
},
{
"model": "deskjet ink advantage 3546 a9t82a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4513 k9h51a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 6020 7cz37a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6220 k7g21b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5000 m2u91a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "vmg8324-b10a",
"scope": "eq",
"trust": 1.0,
"vendor": "zyxel",
"version": null
},
{
"model": "unifi controller",
"scope": "eq",
"trust": 1.0,
"vendor": "ui",
"version": null
},
{
"model": "xp-4100",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "deskjet ink advantage 5575 g0v48c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5546 k7c90a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5644 b9s65a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "envy 6020 5se16b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7800 k7s10d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5547 j6u64a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7800 y0g42d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4520 e6g67a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5540 g0v51a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "zonedirector 1200",
"scope": "eq",
"trust": 1.0,
"vendor": "ruckussecurity",
"version": null
},
{
"model": "envy 5000 z4a54a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "b1165nfw",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "deskjet ink advantage 4678 f1h99b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5000 m2u85b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy pro 6420 6wd14a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xbox one",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "10.0.19041.2494"
},
{
"model": "envy 5532",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4504 c8d04a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5544 k7c89a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-970",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy photo 7830 y0g50b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5640 b9s58a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "wap131",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "xp-8500",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "5030 m2u92b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "deskjet ink advantage 4535 f0v64c",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4509 d3p94a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5536",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5665 f8b06a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5000 m2u85a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 100 cn518a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 5540 k7c85a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "xp-630",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy 5545 g0v50a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7100 k7g99a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 114 cq811a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "m571t",
"scope": "eq",
"trust": 1.0,
"vendor": "epson",
"version": null
},
{
"model": "envy pro 6420 5se46a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 7822 y0g42d",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy photo 6252 k7g22a",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "envy 4527 j6u61b",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": null
},
{
"model": "rt-n11",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "adsl",
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": "dvg-n5412sp",
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": "unifi controller",
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "selphy cp1200",
"scope": null,
"trust": 0.8,
"vendor": "canon",
"version": null
},
{
"model": "wap131",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap150",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "wap351",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "b1165nfw",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was reported by Yunus \u00c7adirci from EY Turkey. This document was written by Vijay Sarvepalli. ",
"sources": [
{
"db": "CERT/CC",
"id": "VU#339275"
}
],
"trust": 0.8
},
"cve": "CVE-2020-12695",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 7.8,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-006708",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-165399",
"impactScore": 7.8,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2020-12695",
"impactScore": 7.8,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-006708",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-12695",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006708",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-597",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-165399",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-12695",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality. The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide automatic discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification. Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted. A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned CVE-2020-12695 and is also known as Call Stranger. Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a recent Shodan scan. A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the the Internet can pose further security vulnerabilities than the one described in this vulnerability note. Open Connectivity Foundation UPnP There is a vulnerability in the specification regarding improper default permissions.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A security vulnerability exists in UPnP versions prior to 2020-04-17. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: gssdp and gupnp security update\nAdvisory ID: RHSA-2021:1789-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:1789\nIssue date: 2021-05-18\nCVE Names: CVE-2020-12695\n====================================================================\n1. Summary:\n\nAn update for gssdp and gupnp is now available for Red Hat Enterprise Linux\n8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nGUPnP is an object-oriented open source framework for creating UPnP devices\nand control points, written in C using GObject and libsoup. The GUPnP API\nis intended to be easy to use, efficient and flexible. \n\nGSSDP implements resource discovery and announcement over SSDP and is part\nof gUPnP. \n\nThe following packages have been upgraded to a later upstream version:\ngssdp (1.0.5), gupnp (1.0.6). (BZ#1846589, BZ#1861928)\n\nSecurity Fix(es):\n\n* hostapd: UPnP SUBSCRIBE misbehavior in WPS AP (CVE-2020-12695)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.4 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1846006 - CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\ngssdp-1.0.5-1.el8.src.rpm\ngupnp-1.0.6-1.el8.src.rpm\n\naarch64:\ngssdp-1.0.5-1.el8.aarch64.rpm\ngssdp-debuginfo-1.0.5-1.el8.aarch64.rpm\ngssdp-debugsource-1.0.5-1.el8.aarch64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm\ngupnp-1.0.6-1.el8.aarch64.rpm\ngupnp-debuginfo-1.0.6-1.el8.aarch64.rpm\ngupnp-debugsource-1.0.6-1.el8.aarch64.rpm\n\nppc64le:\ngssdp-1.0.5-1.el8.ppc64le.rpm\ngssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngssdp-debugsource-1.0.5-1.el8.ppc64le.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngupnp-1.0.6-1.el8.ppc64le.rpm\ngupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm\ngupnp-debugsource-1.0.6-1.el8.ppc64le.rpm\n\ns390x:\ngssdp-1.0.5-1.el8.s390x.rpm\ngssdp-debuginfo-1.0.5-1.el8.s390x.rpm\ngssdp-debugsource-1.0.5-1.el8.s390x.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm\ngupnp-1.0.6-1.el8.s390x.rpm\ngupnp-debuginfo-1.0.6-1.el8.s390x.rpm\ngupnp-debugsource-1.0.6-1.el8.s390x.rpm\n\nx86_64:\ngssdp-1.0.5-1.el8.i686.rpm\ngssdp-1.0.5-1.el8.x86_64.rpm\ngssdp-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-debuginfo-1.0.5-1.el8.x86_64.rpm\ngssdp-debugsource-1.0.5-1.el8.i686.rpm\ngssdp-debugsource-1.0.5-1.el8.x86_64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm\ngupnp-1.0.6-1.el8.i686.rpm\ngupnp-1.0.6-1.el8.x86_64.rpm\ngupnp-debuginfo-1.0.6-1.el8.i686.rpm\ngupnp-debuginfo-1.0.6-1.el8.x86_64.rpm\ngupnp-debugsource-1.0.6-1.el8.i686.rpm\ngupnp-debugsource-1.0.6-1.el8.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\ngssdp-debuginfo-1.0.5-1.el8.aarch64.rpm\ngssdp-debugsource-1.0.5-1.el8.aarch64.rpm\ngssdp-devel-1.0.5-1.el8.aarch64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.aarch64.rpm\ngupnp-debuginfo-1.0.6-1.el8.aarch64.rpm\ngupnp-debugsource-1.0.6-1.el8.aarch64.rpm\ngupnp-devel-1.0.6-1.el8.aarch64.rpm\n\nnoarch:\ngssdp-docs-1.0.5-1.el8.noarch.rpm\n\nppc64le:\ngssdp-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngssdp-debugsource-1.0.5-1.el8.ppc64le.rpm\ngssdp-devel-1.0.5-1.el8.ppc64le.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.ppc64le.rpm\ngupnp-debuginfo-1.0.6-1.el8.ppc64le.rpm\ngupnp-debugsource-1.0.6-1.el8.ppc64le.rpm\ngupnp-devel-1.0.6-1.el8.ppc64le.rpm\n\ns390x:\ngssdp-debuginfo-1.0.5-1.el8.s390x.rpm\ngssdp-debugsource-1.0.5-1.el8.s390x.rpm\ngssdp-devel-1.0.5-1.el8.s390x.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.s390x.rpm\ngupnp-debuginfo-1.0.6-1.el8.s390x.rpm\ngupnp-debugsource-1.0.6-1.el8.s390x.rpm\ngupnp-devel-1.0.6-1.el8.s390x.rpm\n\nx86_64:\ngssdp-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-debuginfo-1.0.5-1.el8.x86_64.rpm\ngssdp-debugsource-1.0.5-1.el8.i686.rpm\ngssdp-debugsource-1.0.5-1.el8.x86_64.rpm\ngssdp-devel-1.0.5-1.el8.i686.rpm\ngssdp-devel-1.0.5-1.el8.x86_64.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.i686.rpm\ngssdp-utils-debuginfo-1.0.5-1.el8.x86_64.rpm\ngupnp-debuginfo-1.0.6-1.el8.i686.rpm\ngupnp-debuginfo-1.0.6-1.el8.x86_64.rpm\ngupnp-debugsource-1.0.6-1.el8.i686.rpm\ngupnp-debugsource-1.0.6-1.el8.x86_64.rpm\ngupnp-devel-1.0.6-1.el8.i686.rpm\ngupnp-devel-1.0.6-1.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-12695\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYKPxUtzjgjWX9erEAQhZhw//Ypgq/0qu2SS/hw8alPmqQ6CG5C/xOqF6\nuJL5HVQ+KPu8Go+UifB3xP3Izm9GYh9aNpcR3bPTx3NsfJdQyzPNSo8O2bC3mUBl\nLw6Bh++uhaNx3ADaKfceEG5teXbkwAadSft0W7j9jiY70qjVWfvqKjzBS3UyOL/P\n++SdPU96uOX9nAkeT3wqirWjXDjUMJLao6AvRtXOXJ2MNwJp436S/KemSkMq2Mg7\nizSYf7Biojg5SMNM4rsFBSnIqmehomfsVFetttHImCfTYteTfddti42gMelZyG8k\nMK4CJw1DeR1e30teWaHnoVa9xAPJMKx56RG3/Wr+6Y5nK0rFZoZuMiJn2b7KodcH\nfYbfxkwrQQ/R9bYZn03YgCz4zl/hetsoITKFHcsPNB9qtdRdtQhYzeOG+AyiawWh\nYtF3vlomMlaxuOZV9zTJUIWZX/ev6wWx8VsXuHKMBwtBxO7l3M0Hd+BOxRPVE/mu\nm+DBcBQp7fvaw55tCAQtHS3CKvgGYijDvOFHBOkQw5Zh9ttdfLlKo4H4NU0W4dLN\nHJWuKGelB2vGc0eoqZ7yCi2xuWBYxjDIoYGzlwPJSnrrguqeLfOKVykja8AYpIET\nV/XCUk/geIiEbSRwAR8EPXDpTLLicGrR6pbekpMfALm/GGc5I4RyA9AbVNJ9fF+a\n7bb2GlcOcWo=2GSN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. (CVE-2020-12695)\n\nIt was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. =========================================================================\nUbuntu Security Notice USN-4734-2\nFebruary 16, 2021\n\nwpa vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant and hostapd. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nUSN-4734-1 fixed several vulnerabilities in wpa_supplicant. This\nupdate provides the corresponding update for Ubuntu 14.04 ESM. \n\nIt was discovered that wpa_supplicant did not properly handle P2P\n(Wi-Fi Direct) group information in some situations, leading to a\nheap overflow. A physically proximate attacker could use this to cause a\ndenial of service or possibly execute arbitrary code. (CVE-2021-0326)\n\nIt was discovered that hostapd did not properly handle UPnP subscribe\nmessages in some circumstances. An attacker could use this to cause a\ndenial of service. (CVE-2020-12695)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n hostapd 1:2.1-0ubuntu1.7+esm3\n wpasupplicant 2.1-0ubuntu1.7+esm3\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2:2.7+git20190128+0c1e29f-6+deb10u3. \n\nWe recommend that you upgrade your wpa packages. \n\nFor the detailed security status of wpa please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/wpa\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCBxcZfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0QRbw//chJxW9vhszfe/MrHkuEBC/y0jzkQ0GxJG/DT+EXvHnq8KyVht92B81sU\nIa860UeNygOY1vAe8izNVpxPEi1PpI7Y6VfvqcWC5dMFNEmOk8yMzJXPDYtwrO3b\nq7Fq6MJys6HTooIInCVjdwVTmvVfocEiOl2Oy+smBE8ylkUPIShJj+UsnBR3qMCB\n9IoxgeFsHl4HpRzsC1uiTMmNPUqqychqzyn26aA+Vp5nfPkvpsSc6aA68BBUm529\n5udANpQneYrsQ+EKMm2wQmw9xNWbrqzRUCmi/XGxJ5YEibOjMLZeBMWq35MRQKDS\nBaaEPbjPMbBP7p6yp795pdt/XgNL1cJPejEBBQWPs3PrRuW/inhjJbSvenPl5AIB\nwOV8OzoxDw0m5DdYr2IuYRNu3zt743e/v5oDhDOiSteBl7zjs4cUohfOryaH/htN\n7Ok3BbhfVc7xfW/XhXNq2axXPGDdSOI3Y6ZXPgiTlX3eIm8Culg7Rm52JprbAc0a\naP0pkGjHO3MAIsvRU/H7WGJbhCdS0i/XTAbuJming5zzCpigGaQG9wOawYH4lNJV\nBNEX/DjjcsZ4oETxWn0sG/LVIl3m2TCry2cayZsy8806nTqlhFS2py5tx6gn5NBi\ne5JGaYRgwa6TUxj4UjWnbdIKMpElbtXbMIOHSvG2Gnx/21siyg0=\n=CU/j\n-----END PGP SIGNATURE-----\n. In addition minidlna was susceptible to the\n\"CallStranger\" UPnP vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12695"
},
{
"db": "CERT/CC",
"id": "VU#339275"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"db": "PACKETSTORM",
"id": "162672"
},
{
"db": "PACKETSTORM",
"id": "159172"
},
{
"db": "PACKETSTORM",
"id": "161288"
},
{
"db": "PACKETSTORM",
"id": "161444"
},
{
"db": "PACKETSTORM",
"id": "161397"
},
{
"db": "PACKETSTORM",
"id": "169049"
},
{
"db": "PACKETSTORM",
"id": "168951"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-12695",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#339275",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "158051",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2020/06/08/2",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "161288",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "162672",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159172",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2021122905",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052202",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1382",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0575",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4315",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1728",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0417",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4372",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2705",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4315.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2733",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3160",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161444",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161397",
"trust": 0.2
},
{
"db": "CNVD",
"id": "CNVD-2020-37941",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-165399",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-12695",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168951",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#339275"
},
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "PACKETSTORM",
"id": "162672"
},
{
"db": "PACKETSTORM",
"id": "159172"
},
{
"db": "PACKETSTORM",
"id": "161288"
},
{
"db": "PACKETSTORM",
"id": "161444"
},
{
"db": "PACKETSTORM",
"id": "161397"
},
{
"db": "PACKETSTORM",
"id": "169049"
},
{
"db": "PACKETSTORM",
"id": "168951"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"id": "VAR-202006-0391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-165399"
}
],
"trust": 0.6333333333333333
},
"last_update_date": "2024-07-23T21:20:57.987000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RT-N11",
"trust": 0.8,
"url": "https://www.asus.com/us/networking/rtn11/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.broadcom.com/"
},
{
"title": "Canon SELPHY CP1200",
"trust": 0.8,
"url": "https://en.canon-me.com/support/consumer_products/products/printers/compact_photo/cd__cp_series/selphy_cp1200.html?type=drivers\u0026language=\u0026os=windows%208.1%20(64-bit)"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.cisco.com/c/en/us/index.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://us.dlink.com/en/consumer"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dell.com/en-us"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://community.ui.com/"
},
{
"title": "hostapd",
"trust": 0.8,
"url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-013311.html"
},
{
"title": "Debian CVElist Bug Report Logs: wpa: CVE-2020-12695",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cdef40da4b3b6b2f4fcf08e447d20494"
},
{
"title": "Debian Security Advisories: DSA-4806-1 minidlna -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5e0b1e00748aee507290bde9650370c7"
},
{
"title": "Arch Linux Advisories: [ASA-202012-16] hostapd: proxy injection",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-202012-16"
},
{
"title": "Debian Security Advisories: DSA-4898-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2832d7aeef980951ddf42089219be7b3"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2020-12695 log"
},
{
"title": "awesome-from-stars",
"trust": 0.1,
"url": "https://github.com/krzemienski/awesome-from-stars "
},
{
"title": "callstranger-detector",
"trust": 0.1,
"url": "https://github.com/corelight/callstranger-detector "
},
{
"title": "CallStranger",
"trust": 0.1,
"url": "https://github.com/yunuscadirci/callstranger "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/xcod3bughunt3r/callstranger "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/yunuscadirci/dialstranger "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/aoeii/asuswrt-for-tenda-ac9-router "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-276",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"trust": 2.5,
"url": "https://github.com/yunuscadirci/callstranger"
},
{
"trust": 2.5,
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/158051/callstranger-upnp-vulnerability-checker.html"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4898"
},
{
"trust": 1.7,
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"trust": 1.7,
"url": "https://github.com/corelight/callstranger-detector"
},
{
"trust": 1.7,
"url": "https://www.callstranger.com"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12695"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l3shl4lofghj3dixsuiqelgvbdj7v7lb/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/mzdwhkgn3lmgsueoaavamod3iuipjvoj/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rqeyvy4d7lash6ai4wk3ik2qbfhhf3q2/"
},
{
"trust": 0.8,
"url": "https://callstranger.com"
},
{
"trust": 0.8,
"url": "https://openconnectivity.org/developer/specifications/upnp-resources/upnp/"
},
{
"trust": 0.8,
"url": "https://kb.cert.org/vuls/search/?q=upnp"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12695"
},
{
"trust": 0.8,
"url": "https://jvn.jp/ta/jvnta95827565/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rqeyvy4d7lash6ai4wk3ik2qbfhhf3q2/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/mzdwhkgn3lmgsueoaavamod3iuipjvoj/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l3shl4lofghj3dixsuiqelgvbdj7v7lb/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052202"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4372/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1728"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162672/red-hat-security-advisory-2021-1789-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021122905"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0417"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3160/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2733/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1382"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159172/ubuntu-security-notice-usn-4494-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4315.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0575"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2705/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4315/"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200701-01-upnp-cn"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161288/ubuntu-security-notice-usn-4722-1.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/upnp-information-disclosure-via-subscribe-delivery-url-32701"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0326"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28926"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4734-1"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12695"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1789"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/gupnp/1.2.3-0ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4494-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-1ubuntu0.18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-1ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/minidlna/1.1.5+dfsg-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/minidlna/1.2.1+dfsg-2ubuntu0.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4722-1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4734-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.7"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu8.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu2.7"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu4.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27803"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/wpa"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/minidlna"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#339275"
},
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "PACKETSTORM",
"id": "162672"
},
{
"db": "PACKETSTORM",
"id": "159172"
},
{
"db": "PACKETSTORM",
"id": "161288"
},
{
"db": "PACKETSTORM",
"id": "161444"
},
{
"db": "PACKETSTORM",
"id": "161397"
},
{
"db": "PACKETSTORM",
"id": "169049"
},
{
"db": "PACKETSTORM",
"id": "168951"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#339275"
},
{
"db": "VULHUB",
"id": "VHN-165399"
},
{
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"db": "PACKETSTORM",
"id": "162672"
},
{
"db": "PACKETSTORM",
"id": "159172"
},
{
"db": "PACKETSTORM",
"id": "161288"
},
{
"db": "PACKETSTORM",
"id": "161444"
},
{
"db": "PACKETSTORM",
"id": "161397"
},
{
"db": "PACKETSTORM",
"id": "169049"
},
{
"db": "PACKETSTORM",
"id": "168951"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-08T00:00:00",
"db": "CERT/CC",
"id": "VU#339275"
},
{
"date": "2020-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-165399"
},
{
"date": "2020-06-08T00:00:00",
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"date": "2021-05-19T14:10:26",
"db": "PACKETSTORM",
"id": "162672"
},
{
"date": "2020-09-15T17:05:32",
"db": "PACKETSTORM",
"id": "159172"
},
{
"date": "2021-02-04T21:34:49",
"db": "PACKETSTORM",
"id": "161288"
},
{
"date": "2021-02-16T23:41:17",
"db": "PACKETSTORM",
"id": "161444"
},
{
"date": "2021-02-12T17:29:06",
"db": "PACKETSTORM",
"id": "161397"
},
{
"date": "2021-04-28T19:12:00",
"db": "PACKETSTORM",
"id": "169049"
},
{
"date": "2020-12-28T20:12:00",
"db": "PACKETSTORM",
"id": "168951"
},
{
"date": "2020-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"date": "2020-06-08T17:15:09.973000",
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#339275"
},
{
"date": "2021-04-23T00:00:00",
"db": "VULHUB",
"id": "VHN-165399"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-12695"
},
{
"date": "2020-07-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006708"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-597"
},
{
"date": "2024-04-08T22:50:14.587000",
"db": "NVD",
"id": "CVE-2020-12695"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "159172"
},
{
"db": "PACKETSTORM",
"id": "161288"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#339275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-597"
}
],
"trust": 0.6
}
}
VAR-201809-1153
Vulnerability from variot - Updated: 2024-07-23 19:24The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. 7) - aarch64, noarch, ppc64le
Security Fix(es):
- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5391)
Space precludes documenting all of the security fixes in this advisory. 1623067 - CVE-2018-9363 kernel: Buffer overflow in hidp_process_report 1629636 - CVE-2018-14641 kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()
- ========================================================================= Ubuntu Security Notice USN-3742-2 August 14, 2018
linux-lts-trusty vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM.
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646)
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). (CVE-2018-3620)
Andrey Konovalov discovered an out-of-bounds read in the POSIX timers subsystem in the Linux kernel. (CVE-2018-5390)
Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. (CVE-2018-5391)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: linux-image-3.13.0-155-generic 3.13.0-155.206~precise1 linux-image-3.13.0-155-generic-lpae 3.13.0-155.206~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.155.145 linux-image-generic-lts-trusty 3.13.0.155.145
Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 6.7) - i386, ppc64, s390x, x86_64
Bug Fix(es):
-
Previously, the kernel source code lacked support to report the Speculative Store Bypass Disable (SSBD) vulnerability status on IBM Power Systems. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file incorrectly reported "Not affected". This fix updates the kernel source code to properly report the SSBD status either as "Vulnerable" or "Mitigation: Kernel entry/exit barrier (TYPE)", where TYPE is one of "eieio", "hwsync", "fallback", or "unknown". (BZ#1615873)
-
After updating the system to prevent the L1 Terminal Fault (L1TF) vulnerability, only one thread was detected on systems that offer processing of two threads on a single processor core. With this update, the "__max_smt_threads()" function has been fixed. (BZ#1629634)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:3590-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:3590 Issue date: 2018-11-13 CVE Names: CVE-2017-18344 CVE-2018-5391 CVE-2018-10675 CVE-2018-14634 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.2) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.2) - noarch, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. (CVE-2018-5391)
-
kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344)
-
kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675)
-
kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634.
Bug Fix(es):
-
Previously, a kernel panic occurred when the kernel tried to make an out of bound access to the array that describes the L1 Terminal Fault (L1TF) mitigation state on systems without Extended Page Tables (EPT) support. This update extends the array of mitigation states to cover all the states, which effectively prevents out of bound array access. Also, this update enables rejecting invalid, irrelevant values, that might be erroneously provided by the userspace. As a result, the kernel no longer panics in the described scenario. (BZ#1629565)
-
Previously, a packet was missing the User Datagram Protocol (UDP) payload checksum during a full checksum computation, if the hardware checksum was not applied. As a consequence, a packet with an incorrect checksum was dropped by a peer. With this update, the kernel includes the UDP payload checksum during the full checksum computation. As a result, the checksum is computed correctly and the packet can be received by the peer. (BZ#1635792)
-
Previously, a transform lookup through the xfrm framework could be performed on an already transformed destination cache entry (dst_entry). When using User Datagram Protocol (UDP) over IPv6 with a connected socket in conjunction with Internet Protocol Security (IPsec) in Encapsulating Security Payload (ESP) transport mode. As a consequence, invalid IPv6 fragments transmitted from the host or the kernel occasionally terminated unexpectedly due to a socket buffer (SKB) underrun. With this update, the xfrm lookup on an already transformed dst_entry is not possible. As a result, using UDP iperf utility over IPv6 ESP no longer causes invalid IPv6 fragment transmissions or a kernel panic. (BZ#1639586)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1575065 - CVE-2018-10675 kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact 1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) 1610958 - CVE-2017-18344 kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c 1624498 - CVE-2018-14634 kernel: Integer overflow in Linux's create_elf_tables function
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.2):
Source: kernel-3.10.0-327.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm
x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.2):
Source: kernel-3.10.0-327.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm
x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.2):
Source: kernel-3.10.0-327.76.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm
x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.2):
x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.2):
x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.2):
x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-18344 https://access.redhat.com/security/cve/CVE-2018-5391 https://access.redhat.com/security/cve/CVE-2018-10675 https://access.redhat.com/security/cve/CVE-2018-14634 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3553061 https://access.redhat.com/security/vulnerabilities/mutagen-astronomy
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBW+sPDtzjgjWX9erEAQhm3BAAhxwzb8zJTfl0zFY/r9KUzkAdLXY4w39X BgJrVPyl7f6krvQ17HE95Poqz/iUhMOZAweypQXHMRKkmfMTYiLHlKpdIusou2xy y1ZzB1uloI4j2zMdTDRP5yZz06r/NP5A05pLZDA02iR5b07ALLYb5hcL5oBnpQXp 9Xp31qb7TCP+jWtCO1Ot+9GJ3chMNvpYqH0OkGTpq/G7PxGrhIzB6v4p6N5OntD9 5CIebREaGBWn9ViWiUHcthgg+PN2iS2/5ST82g/Jss/WmVVZSiVbayob6/MNQPnb M29VHOmJ6pf5dERNpSqrJrBXeDYCMA6HHD+RT9SmiuQQ8gQ2Rzjy7K97Nn++6x7O nclOTmB7hQZtl0WhgC3xuwtslXGpe9jKSzql03ijTvJRQrczgVWiBS+tpfVAJprV ma2Kchf5ivctaXZ/R62JMyTvNf6HCVdvBNvSNET52ol3PkdpJK7V7mg+H64Mqdrl cBTUDBHHYYWMJted9pHWq7tPs0vy1h9aoFqNdlak5jwr169vldlZMRBbhtvz+OXj V/o+IClbY9UUfibaXDoX7qufeVikW1KQ4L+VhRj3RzXNsu2A8FUAcN7za5Qv5HIe LiC42C+pjvHqS/9gNpBakzKv6nPldWZIfPEuF4zewizBxlTXHPE1ln1hAWKjqVTs 6QJ1Zh7jeUY= =8JOQ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Bug Fix(es):
These updated kernel packages include also numerous bug fixes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-1153",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.6,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.6,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.6,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.6,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "simatic net cp 1542sp-1 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "scalance m-800",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "simatic net cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "simatic rf188",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.3"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip domain name system",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "simatic net cp 1243-7 lte eu",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip domain name system",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "simatic rf185c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.3"
},
{
"model": "scalance s615",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.1"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "simatic rf186ci",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.3"
},
{
"model": "simatic rf186c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.3"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "scalance sc-600",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "simatic net cp 1243-8 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "simatic rf188ci",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "ruggedcom rm1224",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip global traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip local traffic manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip application security manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "simatic net cp 1542sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "ruggedcom rox ii",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.13.3"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "big-ip fraud protection service",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "big-ip fraud protection service",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "sinema remote connect server",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "simatic net cp 1243-7 lte us",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "simatic net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "simatic net cp 1543sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "simatic net cp 1242-7",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.1"
},
{
"model": "big-ip analytics",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "big-ip fraud protection service",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "scalance w1700 ieee 802.11ac",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "scalance w700 ieee 802.11a\\/b\\/g\\/n",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "6.4"
},
{
"model": "big-ip access policy manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5.1"
},
{
"model": "kernel",
"scope": "lte",
"trust": 1.0,
"vendor": "linux",
"version": "4.18"
},
{
"model": "big-ip fraud protection service",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.3"
},
{
"model": "big-ip domain name system",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "big-ip domain name system",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "big-ip edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.5"
},
{
"model": "big-ip domain name system",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.2.4"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.9"
},
{
"model": "big-ip link controller",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.1.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.2"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.20"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.8"
},
{
"model": "extendible operating system 4.20.5f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.73"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.15"
},
{
"model": "extendible operating system 4.20.5.1f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.7"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.22"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.18"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10"
},
{
"model": "kernel 3.9-rc3",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "extendible operating system 4.20.4f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.1"
},
{
"model": "kernel 4.14-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.16"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.10"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.18"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.23"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.14"
},
{
"model": "extendible operating system 4.20.4.1f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.54"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.43"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.73"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.13"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.12"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.3"
},
{
"model": "kernel 3.9-rc8",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.1"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.44"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.49"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.17"
},
{
"model": "extendible operating system 4.21.0f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.27"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.10"
},
{
"model": "kernel 4.13-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "extendible operating system 4.20.7m",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.19"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1.3"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.9"
},
{
"model": "extendible operating system 4.20.1f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.37"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.48"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.21"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.81"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.30"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.12"
},
{
"model": "kernel 4.14.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel 4.16-rc",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.6"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.8"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.4"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.36"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.13"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.4"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.41"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.9"
},
{
"model": "extendible operating system 4.20.6f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.0"
},
{
"model": "linux esm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.11"
},
{
"model": "extendible operating system 4.20.8m",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.8"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.17"
},
{
"model": "windows server for itanium-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.3"
},
{
"model": "kernel 3.9-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.31"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.10"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.14"
},
{
"model": "kernel 4.12-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.10"
},
{
"model": "enterprise mrg",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.15"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.19"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.12"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.9"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.79"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.17"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.1"
},
{
"model": "extendible operating system 4.20.2f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.6"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.13"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.7"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.3"
},
{
"model": "extendible operating system",
"scope": "eq",
"trust": 0.3,
"vendor": "arista",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.12"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.0.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "18.04"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.13.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.9.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.45"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.7"
},
{
"model": "kernel 4.15-rc5",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.1"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.1"
},
{
"model": "extendible operating system 4.20.3f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.7"
},
{
"model": "extendible operating system 4.20.5.2f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.18"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.22"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "8.1"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.20"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.36"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.19"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.8"
},
{
"model": "kernel 3.9-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.90"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.15.16"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.2"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.7"
},
{
"model": "extendible operating system 4.20.0f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.16.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.38"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.15.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.1"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "extendible operating system 4.20.2.1f",
"scope": null,
"trust": 0.3,
"vendor": "arista",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17.6"
},
{
"model": "kernel 4.17-rc2",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.13.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.5"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.14.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.10.8"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.12.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.4"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.10"
},
{
"model": "kernel 4.16-rc6",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.40"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.9"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.17.2"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.18.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.16.6"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.14.31"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "4.11.1"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.12.11"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.10.26"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1.13"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.17"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.3,
"vendor": "linux",
"version": "3.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1.10"
},
{
"model": "kernel 4.14-rc1",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
},
{
"model": "kernel 4.16-rc7",
"scope": null,
"trust": 0.3,
"vendor": "linux",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "105108"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.18",
"versionStartIncluding": "3.9",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.0.1.1",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.1.2.4",
"versionStartIncluding": "14.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "13.1.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.1.5",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.5.1",
"versionStartIncluding": "11.5.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.13.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "150070"
},
{
"db": "PACKETSTORM",
"id": "150057"
},
{
"db": "PACKETSTORM",
"id": "149832"
},
{
"db": "PACKETSTORM",
"id": "150315"
},
{
"db": "PACKETSTORM",
"id": "150191"
},
{
"db": "PACKETSTORM",
"id": "150314"
}
],
"trust": 0.6
},
"cve": "CVE-2018-5391",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-135422",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-5391",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-5391",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-570",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-135422",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-5391",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. Linux Kernel is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. 7) - aarch64, noarch, ppc64le\n\n3. \n\nSecurity Fix(es):\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. Maintaining the denial of service\ncondition requires continuous two-way TCP sessions to a reachable open\nport, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5391)\n\nSpace precludes documenting all of the security fixes in this advisory. \n1623067 - CVE-2018-9363 kernel: Buffer overflow in hidp_process_report\n1629636 - CVE-2018-14641 kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()\n\n6. =========================================================================\nUbuntu Security Notice USN-3742-2\nAugust 14, 2018\n\nlinux-lts-trusty vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu\n12.04 ESM. \n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. This vulnerability is also known as L1 Terminal Fault (L1TF). A local\nattacker in a guest virtual machine could use this to expose sensitive\ninformation (memory from other guests or the host OS). (CVE-2018-3646)\n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. This vulnerability is also known as L1 Terminal Fault (L1TF). A local\nattacker could use this to expose sensitive information (memory from the\nkernel or other processes). (CVE-2018-3620)\n\nAndrey Konovalov discovered an out-of-bounds read in the POSIX timers\nsubsystem in the Linux kernel. (CVE-2018-5390)\n\nJuha-Matti Tilli discovered that the IP implementation in the Linux kernel\nperformed algorithmically expensive operations in some situations when\nhandling incoming packet fragments. (CVE-2018-5391)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n linux-image-3.13.0-155-generic 3.13.0-155.206~precise1\n linux-image-3.13.0-155-generic-lpae 3.13.0-155.206~precise1\n linux-image-generic-lpae-lts-trusty 3.13.0.155.145\n linux-image-generic-lts-trusty 3.13.0.155.145\n\nPlease note that the recommended mitigation for CVE-2018-3646 involves\nupdating processor microcode in addition to updating the kernel;\nhowever, the kernel includes a fallback for processors that have not\nreceived microcode updates. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. 6.7) - i386, ppc64, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Previously, the kernel source code lacked support to report the\nSpeculative Store Bypass Disable (SSBD) vulnerability status on IBM Power\nSystems. As a consequence, the\n/sys/devices/system/cpu/vulnerabilities/spec_store_bypass file incorrectly\nreported \"Not affected\". This fix updates the kernel source code to\nproperly report the SSBD status either as \"Vulnerable\" or \"Mitigation:\nKernel entry/exit barrier (TYPE)\", where TYPE is one of \"eieio\", \"hwsync\",\n\"fallback\", or \"unknown\". (BZ#1615873)\n\n* After updating the system to prevent the L1 Terminal Fault (L1TF)\nvulnerability, only one thread was detected on systems that offer\nprocessing of two threads on a single processor core. With this update, the\n\"__max_smt_threads()\" function has been fixed. (BZ#1629634)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:3590-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:3590\nIssue date: 2018-11-13\nCVE Names: CVE-2017-18344 CVE-2018-5391 CVE-2018-10675 \n CVE-2018-14634 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.2\nAdvanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.2 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.2) - noarch, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.2) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.2) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.2) - noarch, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* A flaw named FragmentSmack was found in the way the Linux kernel handled\nreassembly of fragmented IPv4 and IPv6 packets. (CVE-2018-5391)\n\n* kernel: out-of-bounds access in the show_timer function in\nkernel/time/posix-timers.c (CVE-2017-18344)\n\n* kernel: mm: use-after-free in do_get_mempolicy function allows local DoS\nor other unspecified impact (CVE-2018-10675)\n\n* kernel: Integer overflow in Linux\u0027s create_elf_tables function\n(CVE-2018-14634)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Juha-Matti Tilli (Aalto University - Department\nof Communications and Networking and Nokia Bell Labs) for reporting\nCVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634. \n\nBug Fix(es):\n\n* Previously, a kernel panic occurred when the kernel tried to make an out\nof bound access to the array that describes the L1 Terminal Fault (L1TF)\nmitigation state on systems without Extended Page Tables (EPT) support. \nThis update extends the array of mitigation states to cover all the states,\nwhich effectively prevents out of bound array access. Also, this update\nenables rejecting invalid, irrelevant values, that might be erroneously\nprovided by the userspace. As a result, the kernel no longer panics in the\ndescribed scenario. (BZ#1629565)\n\n* Previously, a packet was missing the User Datagram Protocol (UDP) payload\nchecksum during a full checksum computation, if the hardware checksum was\nnot applied. As a consequence, a packet with an incorrect checksum was\ndropped by a peer. With this update, the kernel includes the UDP payload\nchecksum during the full checksum computation. As a result, the checksum is\ncomputed correctly and the packet can be received by the peer. (BZ#1635792)\n\n* Previously, a transform lookup through the xfrm framework could be\nperformed on an already transformed destination cache entry (dst_entry). \nWhen using User Datagram Protocol (UDP) over IPv6 with a connected socket\nin conjunction with Internet Protocol Security (IPsec) in Encapsulating\nSecurity Payload (ESP) transport mode. As a consequence, invalid IPv6\nfragments transmitted from the host or the kernel occasionally terminated\nunexpectedly due to a socket buffer (SKB) underrun. With this update, the\nxfrm lookup on an already transformed dst_entry is not possible. As a\nresult, using UDP iperf utility over IPv6 ESP no longer causes invalid IPv6\nfragment transmissions or a kernel panic. (BZ#1639586)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1575065 - CVE-2018-10675 kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact\n1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)\n1610958 - CVE-2017-18344 kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c\n1624498 - CVE-2018-14634 kernel: Integer overflow in Linux\u0027s create_elf_tables function\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.2):\n\nSource:\nkernel-3.10.0-327.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-327.76.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm\nperf-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.2):\n\nSource:\nkernel-3.10.0-327.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-327.76.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm\nperf-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.2):\n\nSource:\nkernel-3.10.0-327.76.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm\nkernel-doc-3.10.0-327.76.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-devel-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-headers-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm\nperf-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.2):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.2):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.2):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-18344\nhttps://access.redhat.com/security/cve/CVE-2018-5391\nhttps://access.redhat.com/security/cve/CVE-2018-10675\nhttps://access.redhat.com/security/cve/CVE-2018-14634\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/articles/3553061\nhttps://access.redhat.com/security/vulnerabilities/mutagen-astronomy\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBW+sPDtzjgjWX9erEAQhm3BAAhxwzb8zJTfl0zFY/r9KUzkAdLXY4w39X\nBgJrVPyl7f6krvQ17HE95Poqz/iUhMOZAweypQXHMRKkmfMTYiLHlKpdIusou2xy\ny1ZzB1uloI4j2zMdTDRP5yZz06r/NP5A05pLZDA02iR5b07ALLYb5hcL5oBnpQXp\n9Xp31qb7TCP+jWtCO1Ot+9GJ3chMNvpYqH0OkGTpq/G7PxGrhIzB6v4p6N5OntD9\n5CIebREaGBWn9ViWiUHcthgg+PN2iS2/5ST82g/Jss/WmVVZSiVbayob6/MNQPnb\nM29VHOmJ6pf5dERNpSqrJrBXeDYCMA6HHD+RT9SmiuQQ8gQ2Rzjy7K97Nn++6x7O\nnclOTmB7hQZtl0WhgC3xuwtslXGpe9jKSzql03ijTvJRQrczgVWiBS+tpfVAJprV\nma2Kchf5ivctaXZ/R62JMyTvNf6HCVdvBNvSNET52ol3PkdpJK7V7mg+H64Mqdrl\ncBTUDBHHYYWMJted9pHWq7tPs0vy1h9aoFqNdlak5jwr169vldlZMRBbhtvz+OXj\nV/o+IClbY9UUfibaXDoX7qufeVikW1KQ4L+VhRj3RzXNsu2A8FUAcN7za5Qv5HIe\nLiC42C+pjvHqS/9gNpBakzKv6nPldWZIfPEuF4zewizBxlTXHPE1ln1hAWKjqVTs\n6QJ1Zh7jeUY=\n=8JOQ\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5391"
},
{
"db": "BID",
"id": "105108"
},
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "PACKETSTORM",
"id": "150070"
},
{
"db": "PACKETSTORM",
"id": "150057"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "149832"
},
{
"db": "PACKETSTORM",
"id": "150315"
},
{
"db": "PACKETSTORM",
"id": "150191"
},
{
"db": "PACKETSTORM",
"id": "150314"
},
{
"db": "PACKETSTORM",
"id": "148916"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5391",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#641765",
"trust": 2.1
},
{
"db": "BID",
"id": "105108",
"trust": 2.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/06/28/2",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/07/06/4",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/07/06/3",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-377115",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1041476",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1041637",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0545",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0623",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0854",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1315",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0675",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-20-105-05",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "148928",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-135422",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5391",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150070",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150057",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149832",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150191",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150314",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148916",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "BID",
"id": "105108"
},
{
"db": "PACKETSTORM",
"id": "150070"
},
{
"db": "PACKETSTORM",
"id": "150057"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "149832"
},
{
"db": "PACKETSTORM",
"id": "150315"
},
{
"db": "PACKETSTORM",
"id": "150191"
},
{
"db": "PACKETSTORM",
"id": "150314"
},
{
"db": "PACKETSTORM",
"id": "148916"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"id": "VAR-201809-1153",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-135422"
}
],
"trust": 0.593355446
},
"last_update_date": "2024-07-23T19:24:37.507000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=84156"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182846 - security advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183459 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182785 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182925 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-4272-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=c4fc75c3940ecd62e6e3d43c90c1ead1"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182791 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182924 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183590 - security advisory"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183540 - security advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182933 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183586 - security advisory"
},
{
"title": "Arch Linux Advisories: [ASA-201903-11] linux-hardened: denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201903-11"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3740-2"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerability in the Linux kernel affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2018-5391)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=0e5803196f7b186e3c0e200d43325ad6"
},
{
"title": "Red Hat: CVE-2018-5391",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2018-5391"
},
{
"title": "Cisco: Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180824-linux-ip-fragment"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3740-1"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2018-5391"
},
{
"title": "Ubuntu Security Notice: linux regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3741-3"
},
{
"title": "Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3741-2"
},
{
"title": "IBM: IBM Security Bulletin: This Power System update is being released to address CVE-2018-5391",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c5babfeb02fdf3e145c777d8eb6dfd0f"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3741-1"
},
{
"title": "IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-5391)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=cb5671de27781f97454cf1b56d2087e0"
},
{
"title": "IBM: IBM Security Bulletin: IBM MQ Appliance is affected by a kernel vulnerability (CVE-2018-5391)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4b24750b4f4494d02c26c4b32a0e107a"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3742-3"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3742-2"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3742-1"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=d3eead9065d15844d9f0f319ebc3ef51"
},
{
"title": "Amazon Linux AMI: ALAS-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2018-1058"
},
{
"title": "Amazon Linux 2: ALAS2-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2018-1058"
},
{
"title": "Palo Alto Networks Security Advisory: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=0944feb15e174ce784cc2c5c40d923ea"
},
{
"title": "Red Hat: Important: kernel-alt security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20182948 - security advisory"
},
{
"title": "Palo Alto Networks Security Advisory: CVE-2018-5391 Information about FragmentSmack findings",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=3c616fb9e55ec6924cfd6ba2622c6c7e"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183083 - security advisory"
},
{
"title": "Red Hat: Important: kernel-rt security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20183096 - security advisory"
},
{
"title": "Symantec Security Advisories: Linux Kernel Aug 2017 - Sep 2018 Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=b3193a96468975c04eb9f136ca9abec4"
},
{
"title": "IBM: IBM Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=75b9d198a73a91d81765c8b428423224"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=204a1aa9ebf7b5f47151e8b011269862"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=05b5bbd6fb289370b459faf1f4e3919d"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=9cb9a8ed428c6faca615e91d2f1a216d"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f5bb2b180c7c77e5a02747a1f31830d9"
},
{
"title": "IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal\u2019s dependencies \u2013 Cumulative list from June 28, 2018 to December 13, 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=43da2cd72c1e378d8d94ecec029fcc61"
},
{
"title": "my_ref",
"trust": 0.1,
"url": "https://github.com/chetanshirke/my_ref "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/ozipoetra/natvps-dns "
},
{
"title": "cve_diff_checker",
"trust": 0.1,
"url": "https://github.com/lcatro/cve_diff_checker "
},
{
"title": "SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/windows-systems-vulnerable-to-fragmentsmack-90s-like-dos-bug/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/linux/two-ddos-friendly-bugs-fixed-in-linux-kernel/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/over-80-cisco-products-affected-by-fragmentsmack-dos-bug/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.securityfocus.com/bid/105108"
},
{
"trust": 2.4,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"trust": 2.2,
"url": "https://www.kb.cert.org/vuls/id/641765"
},
{
"trust": 2.1,
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"trust": 2.1,
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2925"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2948"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:3096"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:3459"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:3540"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:3590"
},
{
"trust": 1.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-004.txt"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4272"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2785"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2791"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2846"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2924"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2933"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:3083"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:3586"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041476"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041637"
},
{
"trust": 1.1,
"url": "https://support.f5.com/csp/article/k74374841?utm_source=f5support\u0026amp%3butm_medium=rss"
},
{
"trust": 0.9,
"url": "https://access.redhat.com/security/cve/cve-2018-5391"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5391"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18344"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/3553061"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://support.f5.com/csp/article/k74374841?utm_source=f5support\u0026utm_medium=rss"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190541-1.html"
},
{
"trust": 0.6,
"url": "https://security.business.xerox.com/wp-content/uploads/2019/11/cert_security_mini_bulletin_xrx19ak_for_altalinkb80xx-c80xx.pdf"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10872368"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1315/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75930"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190123-01-linux-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76246"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10792535"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76474"
},
{
"trust": 0.6,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180824-linux-ip-fragment"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-05"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77246"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-linux-cn"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-05"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-18344"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609664"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
},
{
"trust": 0.3,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180022"
},
{
"trust": 0.3,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/131"
},
{
"trust": 0.3,
"url": "https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2018-5142979.html"
},
{
"trust": 0.3,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/5782-security-advisory-37"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-14634"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10675"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14634"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2018-10675"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/vulnerabilities/mutagen-astronomy"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1120"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10883"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-5803"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10881"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10878"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-13405"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18208"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17805"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000026"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-17805"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10879"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10883"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10322"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10879"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1092"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10881"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1118"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1000026"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-8781"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-18208"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-5344"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1094"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10940"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1092"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1094"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-7757"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10940"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-5848"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-1118"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10878"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1120"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
},
{
"trust": 0.2,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5390"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
},
{
"trust": 0.1,
"url": "https://support.f5.com/csp/article/k74374841?utm_source=f5support\u0026amp;amp;utm_medium=rss"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://github.com/chetanshirke/my_ref"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=58766"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-7566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000200"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-16648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10877"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10880"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1000200"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10877"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1000204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-11506"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3658021"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-17806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5390"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-13166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-9363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1065"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000204"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-7740"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5344"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13405"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-0861"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1130"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-10661"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-8830"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7740"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4913"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-0861"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8830"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4913"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10661"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3742-2"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3742-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3674801"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/3684891"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1027.30"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3741-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-133.159~14.04.1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3741-2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "BID",
"id": "105108"
},
{
"db": "PACKETSTORM",
"id": "150070"
},
{
"db": "PACKETSTORM",
"id": "150057"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "149832"
},
{
"db": "PACKETSTORM",
"id": "150315"
},
{
"db": "PACKETSTORM",
"id": "150191"
},
{
"db": "PACKETSTORM",
"id": "150314"
},
{
"db": "PACKETSTORM",
"id": "148916"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-135422"
},
{
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"db": "BID",
"id": "105108"
},
{
"db": "PACKETSTORM",
"id": "150070"
},
{
"db": "PACKETSTORM",
"id": "150057"
},
{
"db": "PACKETSTORM",
"id": "148917"
},
{
"db": "PACKETSTORM",
"id": "149832"
},
{
"db": "PACKETSTORM",
"id": "150315"
},
{
"db": "PACKETSTORM",
"id": "150191"
},
{
"db": "PACKETSTORM",
"id": "150314"
},
{
"db": "PACKETSTORM",
"id": "148916"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-06T00:00:00",
"db": "VULHUB",
"id": "VHN-135422"
},
{
"date": "2018-09-06T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105108"
},
{
"date": "2018-10-31T01:11:59",
"db": "PACKETSTORM",
"id": "150070"
},
{
"date": "2018-10-31T01:00:50",
"db": "PACKETSTORM",
"id": "150057"
},
{
"date": "2018-08-15T04:43:02",
"db": "PACKETSTORM",
"id": "148917"
},
{
"date": "2018-10-17T15:42:22",
"db": "PACKETSTORM",
"id": "149832"
},
{
"date": "2018-11-14T01:33:23",
"db": "PACKETSTORM",
"id": "150315"
},
{
"date": "2018-11-06T21:04:13",
"db": "PACKETSTORM",
"id": "150191"
},
{
"date": "2018-11-14T01:33:01",
"db": "PACKETSTORM",
"id": "150314"
},
{
"date": "2018-08-15T04:42:57",
"db": "PACKETSTORM",
"id": "148916"
},
{
"date": "2018-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"date": "2018-09-06T21:29:00.363000",
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-135422"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5391"
},
{
"date": "2019-02-15T14:00:00",
"db": "BID",
"id": "105108"
},
{
"date": "2022-12-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-570"
},
{
"date": "2023-11-07T02:58:42.587000",
"db": "NVD",
"id": "CVE-2018-5391"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel Input validation error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-570"
}
],
"trust": 0.6
}
}
VAR-201903-1504
Vulnerability from variot - Updated: 2023-12-18 13:48A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1504",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powershell core",
"scope": "eq",
"trust": 2.1,
"vendor": "microsoft",
"version": "6.2"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 2.1,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "BID",
"id": "106857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0627"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Graeber from SpecterOps.",
"sources": [
{
"db": "BID",
"id": "106857"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0627",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0627",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0627",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0627",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-347",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-0627",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "BID",
"id": "106857"
},
{
"db": "VULMON",
"id": "CVE-2019-0627"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0627",
"trust": 2.8
},
{
"db": "BID",
"id": "106857",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-0627",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"db": "BID",
"id": "106857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"id": "VAR-201903-1504",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T13:48:00.504000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-0627 | Windows Security Feature Bypass Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0627"
},
{
"title": "CVE-2019-0627 | Windows \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u306e\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2019-0627"
},
{
"title": "Microsoft Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89161"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/mattifestation/mattifestation "
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-february-2019"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/106857"
},
{
"trust": 2.0,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0627"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0627"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0627"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20190213-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2019/at190006.html"
},
{
"trust": 0.3,
"url": "https://github.com/powershell/announcements/issues/13"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/106857"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"db": "BID",
"id": "106857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"db": "BID",
"id": "106857"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"date": "2019-02-12T00:00:00",
"db": "BID",
"id": "106857"
},
{
"date": "2019-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"date": "2019-03-05T23:29:01.223000",
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"date": "2019-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0627"
},
{
"date": "2019-02-21T05:00:00",
"db": "BID",
"id": "106857"
},
{
"date": "2019-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002191"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0627"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106857"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Vulnerabilities that bypass security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002191"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-347"
}
],
"trust": 0.6
}
}
VAR-201905-0993
Vulnerability from variot - Updated: 2023-12-18 13:18A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Microsoft Windows is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0993",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1903"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1903"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for x64-based systems"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "6.2"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "19030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1019030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1019030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1019030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "BID",
"id": "108256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0733"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Graeber of SpecterOps",
"sources": [
{
"db": "BID",
"id": "108256"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0733",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0733",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-0733",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0733",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-408",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-0733",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka \u0027Windows Defender Application Control Security Feature Bypass Vulnerability\u0027. Microsoft Windows is prone to a local security-bypass vulnerability. \nA local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "BID",
"id": "108256"
},
{
"db": "VULMON",
"id": "CVE-2019-0733"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0733",
"trust": 2.8
},
{
"db": "BID",
"id": "108256",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-0733",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"db": "BID",
"id": "108256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"id": "VAR-201905-0993",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T13:18:42.977000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-0733 | Windows Defender Application Control Security Feature Bypass Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0733"
},
{
"title": "CVE-2019-0733 | Windows Defender \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u5236\u5fa1\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u306e\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2019-0733"
},
{
"title": "Microsoft Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92557"
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-may-2019"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0733"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0733"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/108256"
},
{
"trust": 0.9,
"url": "http://www.microsoft.com/windows/default.mspx"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0733"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20190515-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2019/at190023.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/windows-vulnerabilities-of-may-2019-29301"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/108256"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"db": "BID",
"id": "108256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"db": "BID",
"id": "108256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-16T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108256"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"date": "2019-05-16T19:29:00.613000",
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"date": "2019-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-0733"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108256"
},
{
"date": "2019-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004750"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0733"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "108256"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Products and PowerShell Core of Windows Defender Application Control Vulnerabilities that bypass security functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004750"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-408"
}
],
"trust": 0.6
}
}
VAR-201606-0511
Vulnerability from variot - Updated: 2023-12-18 13:03Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. This case MS16-083 This is a different vulnerability than the other vulnerabilities listed on the list.It may be affected unspecified. Adobe AIR is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. Adobe AIR 21.0.0.215 and prior are vulnerable. The former is the default browser included with operating systems prior to Windows 10; the latter is the default browser included with Windows 10, the latest operating system. in the United States. The former is a multimedia player product library; the latter is a cross-platform, browser-based multimedia player product
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0511",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "21.0.0.215"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.626 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "22.0.0.192 (windows 10/8.1 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "22.0.0.192 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 22.0.0.192 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.360 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player for linux",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.621"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "21.0.0.242"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.352"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.4"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9130"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3.9120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.3"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2080"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.2.0.2070"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.1.0.4880"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.0"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1.1961"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.7"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19140"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6.19120"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.6"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.5.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2.12610"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2.0.2"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.5"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.1"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.01"
},
{
"model": "air",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "91252"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "21.0.0.215",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4126"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alec Blance",
"sources": [
{
"db": "BID",
"id": "91252"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4126",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-4126",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-92945",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4126",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4126",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-390",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-92945",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-4126",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92945"
},
{
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. This case MS16-083 This is a different vulnerability than the other vulnerabilities listed on the list.It may be affected unspecified. Adobe AIR is prone to a remote code-execution vulnerability. \nAttackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. \nAdobe AIR 21.0.0.215 and prior are vulnerable. The former is the default browser included with operating systems prior to Windows 10; the latter is the default browser included with Windows 10, the latest operating system. in the United States. The former is a multimedia player product library; the latter is a cross-platform, browser-based multimedia player product",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "BID",
"id": "91252"
},
{
"db": "VULHUB",
"id": "VHN-92945"
},
{
"db": "VULMON",
"id": "CVE-2016-4126"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4126",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390",
"trust": 0.7
},
{
"db": "BID",
"id": "91252",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-92945",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-4126",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92945"
},
{
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"db": "BID",
"id": "91252"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"id": "VAR-201606-0511",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92945"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:17.985000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-18",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
},
{
"title": "APSB16-18",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb16-18.html"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "MS16-083",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-083.aspx"
},
{
"title": "MS16-083",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-083.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160620f.html"
},
{
"title": "Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62319"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-4126 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4126"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://helpx.adobe.com/security/products/air/apsb16-23.html"
},
{
"trust": 1.8,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4126"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160615-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160026.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4126"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18592"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-4126"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/91252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92945"
},
{
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"db": "BID",
"id": "91252"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92945"
},
{
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"db": "BID",
"id": "91252"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-92945"
},
{
"date": "2016-06-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"date": "2016-06-16T00:00:00",
"db": "BID",
"id": "91252"
},
{
"date": "2016-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"date": "2016-06-16T14:59:07.230000",
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"date": "2016-06-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-92945"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4126"
},
{
"date": "2016-07-06T15:01:00",
"db": "BID",
"id": "91252"
},
{
"date": "2016-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003237"
},
{
"date": "2023-01-26T20:57:43.693000",
"db": "NVD",
"id": "CVE-2016-4126"
},
{
"date": "2021-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Internet Explorer and Microsoft Edge of Adobe Flash Used in library Adobe Flash Player Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003237"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-390"
}
],
"trust": 0.6
}
}
VAR-201903-1507
Vulnerability from variot - Updated: 2023-12-18 12:50A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1507",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powershell core",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "6.2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "BID",
"id": "106875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0631"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Graeber from SpecterOps.",
"sources": [
{
"db": "BID",
"id": "106875"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0631",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0631",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0631",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0631",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-517",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "BID",
"id": "106875"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0631",
"trust": 2.7
},
{
"db": "BID",
"id": "106875",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"id": "VAR-201903-1507",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T12:50:23.925000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-0631 | Windows Security Feature Bypass Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0631"
},
{
"title": "CVE-2019-0631 | Windows \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u306e\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2019-0631"
},
{
"title": "Microsoft Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89328"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0631"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/106875"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0631"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-cve-2019-0631"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20190213-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2019/at190006.html"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
}
],
"sources": [
{
"db": "BID",
"id": "106875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106875"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-12T00:00:00",
"db": "BID",
"id": "106875"
},
{
"date": "2019-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"date": "2019-03-05T23:29:01.333000",
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"date": "2019-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-12T00:00:00",
"db": "BID",
"id": "106875"
},
{
"date": "2019-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002157"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0631"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106875"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Vulnerabilities that bypass security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002157"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-517"
}
],
"trust": 0.6
}
}
VAR-201811-0477
Vulnerability from variot - Updated: 2023-12-18 12:43A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. plural Microsoft Windows Product and PowerShell Core Contains a vulnerability that can be tampered with. The vendor Microsoft PowerShell Has been disclosed as "Tampering Vulnerability".An attacker could execute code that is not logged. Microsoft Powershell is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0477",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powershell core",
"scope": "eq",
"trust": 2.7,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 2.7,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems sp1"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems sp1"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for x64-based systems sp1"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for x64-based systems sp1 (server core installation)"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "BID",
"id": "105792"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8415"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amirreza Niakanlahiji (@DissectMalware) of University of North Carolina at Charlotte and Amirreza Niakanlahiji of University of North Carolina at Charlotte",
"sources": [
{
"db": "BID",
"id": "105792"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
],
"trust": 0.9
},
"cve": "CVE-2018-8415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-8415",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-8415",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-8415",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-358",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka \"Microsoft PowerShell Tampering Vulnerability.\" This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. plural Microsoft Windows Product and PowerShell Core Contains a vulnerability that can be tampered with. The vendor Microsoft PowerShell Has been disclosed as \"Tampering Vulnerability\".An attacker could execute code that is not logged. Microsoft Powershell is prone to a security bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "BID",
"id": "105792"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8415",
"trust": 2.7
},
{
"db": "BID",
"id": "105792",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1042108",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105792"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"id": "VAR-201811-0477",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T12:43:45.619000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2018-8415 | Microsoft PowerShell Tampering Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8415"
},
{
"title": "CVE-2018-8415 | Microsoft PowerShell \u306e\u6539\u3056\u3093\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2018-8415"
},
{
"title": "Microsoft PowerShell Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86766"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8415"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105792"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1042108"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8415"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20181114-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2018/at180046.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8415"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
}
],
"sources": [
{
"db": "BID",
"id": "105792"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105792"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105792"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"date": "2018-11-14T01:29:00.380000",
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"date": "2018-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105792"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010458"
},
{
"date": "2018-12-13T18:13:48.827000",
"db": "NVD",
"id": "CVE-2018-8415"
},
{
"date": "2018-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "105792"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Product and PowerShell Core Vulnerabilities to be tampered with",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010458"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-358"
}
],
"trust": 0.6
}
}
VAR-201811-0470
Vulnerability from variot - Updated: 2023-12-18 12:43A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. Vendors have identified this vulnerability as " Microsoft PowerShell Is a remote code execution vulnerability.The code could be executed remotely. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0470",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powershell core",
"scope": "eq",
"trust": 2.7,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 2.7,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "microsoft.powershell.archive",
"scope": "eq",
"trust": 2.4,
"vendor": "microsoft",
"version": "1.2.2.0"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems sp1"
},
{
"model": "windows 7",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems sp1"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for itanium-based systems sp1"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for x64-based systems sp1"
},
{
"model": "windows server 2008",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 for x64-based systems sp1 (server core installation)"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "windows server r2 for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "powershell.archive",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.2.2.0"
}
],
"sources": [
{
"db": "BID",
"id": "105781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:microsoft.powershell.archive:1.2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8256"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Snyk Security Research Team",
"sources": [
{
"db": "BID",
"id": "105781"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
],
"trust": 0.9
},
"cve": "CVE-2018-8256",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-8256",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-8256",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-8256",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-347",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka \"Microsoft PowerShell Remote Code Execution Vulnerability.\" This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. Vendors have identified this vulnerability as \" Microsoft PowerShell Is a remote code execution vulnerability.The code could be executed remotely. \nSuccessfully exploiting this issue may result in the execution of arbitrary code in the context of the affected system. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "BID",
"id": "105781"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8256",
"trust": 2.7
},
{
"db": "BID",
"id": "105781",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1042108",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"id": "VAR-201811-0470",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T12:43:45.647000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2018-8256 | Microsoft PowerShell Remote Code Execution Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8256"
},
{
"title": "CVE-2018-8256 | Microsoft PowerShell \u306e\u30ea\u30e2\u30fc\u30c8\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2018-8256"
},
{
"title": "Microsoft PowerShell Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86755"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8256"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105781"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1042108"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8256"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20181114-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2018/at180046.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8256"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/"
}
],
"sources": [
{
"db": "BID",
"id": "105781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105781"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"date": "2018-11-14T01:29:00.253000",
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"date": "2018-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105781"
},
{
"date": "2018-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010457"
},
{
"date": "2021-09-30T16:07:32.147000",
"db": "NVD",
"id": "CVE-2018-8256"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Product Remote Code Execution Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010457"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-347"
}
],
"trust": 0.6
}
}
VAR-201903-1508
Vulnerability from variot - Updated: 2023-12-18 12:43A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-1508",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powershell core",
"scope": "eq",
"trust": 2.1,
"vendor": "microsoft",
"version": "6.2"
},
{
"model": "powershell core",
"scope": "eq",
"trust": 2.1,
"vendor": "microsoft",
"version": "6.1"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1703"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1703 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 (server core installation)"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20190"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "18030"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "17090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1018030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for arm64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017090"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "BID",
"id": "106880"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Graeber from SpecterOps.",
"sources": [
{
"db": "BID",
"id": "106880"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
],
"trust": 0.9
},
"cve": "CVE-2019-0632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0632",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0632",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0632",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-364",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \u0027Windows Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "BID",
"id": "106880"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0632",
"trust": 2.7
},
{
"db": "BID",
"id": "106880",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106880"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"id": "VAR-201903-1508",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.21178882
},
"last_update_date": "2023-12-18T12:43:35.701000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2019-0632 | Windows Security Feature Bypass Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0632"
},
{
"title": "CVE-2019-0632 | Windows \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u306e\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2019-0632"
},
{
"title": "Microsoft Windows Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89178"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/106880"
},
{
"trust": 1.9,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0632"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0632"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-cve-2019-0632"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20190213-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2019/at190006.html"
},
{
"trust": 0.3,
"url": "https://github.com/powershell/announcements/issues/13"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
}
],
"sources": [
{
"db": "BID",
"id": "106880"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106880"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-12T00:00:00",
"db": "BID",
"id": "106880"
},
{
"date": "2019-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"date": "2019-03-05T23:29:01.350000",
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"date": "2019-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-21T05:00:00",
"db": "BID",
"id": "106880"
},
{
"date": "2019-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002158"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0632"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "106880"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Vulnerabilities that bypass security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002158"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-364"
}
],
"trust": 0.6
}
}
VAR-201611-0235
Vulnerability from variot - Updated: 2023-12-18 12:20Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability.". According to Microsoft security bulletins, this vulnerability VHD Driver Elevation of Privilege Vulnerability ”. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through a specially crafted application. Microsoft Windows is a series of operating systems released by Microsoft Corporation of the United States. A local attacker can exploit this issue to run processes with elevated privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0235",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "1511"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems (server core install )"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "10"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101511"
},
{
"model": "windows",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "101607"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "windows server for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20160"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7225"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "James Forshaw of Google Project Zero",
"sources": [
{
"db": "BID",
"id": "94016"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.9
},
"cve": "CVE-2016-7225",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-7225",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-11026",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 4.2,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-7225",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7225",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-11026",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-172",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka \"VHD Driver Elevation of Privilege Vulnerability.\". According to Microsoft security bulletins, this vulnerability VHD Driver Elevation of Privilege Vulnerability \u201d. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through a specially crafted application. Microsoft Windows is a series of operating systems released by Microsoft Corporation of the United States. \nA local attacker can exploit this issue to run processes with elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7225",
"trust": 3.3
},
{
"db": "BID",
"id": "94016",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "40764",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1037248",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-11026",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "35363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"id": "VAR-201611-0235",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
}
]
},
"last_update_date": "2023-12-18T12:20:14.339000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS16-138",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-138.aspx"
},
{
"title": "MS16-138",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-138.aspx"
},
{
"title": "Patch for Microsoft VHD Driver Privilege Escalation Vulnerability (CNVD-2016-11026)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/83743"
},
{
"title": "Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65544"
},
{
"title": "Microsoft Windows VHD Fixes for driver privilege elevation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65396"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/94016"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1037248"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-138"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/40764/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7225"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20161109-ms.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160046.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7225"
},
{
"trust": 0.6,
"url": "https://technet.microsoft.com/library/security/ms16-138"
},
{
"trust": 0.6,
"url": "http://technet.microsoft.com/security/bulletin/ms16-138"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/35363"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/default.mspx"
},
{
"trust": 0.3,
"url": "http://technet.microsoft.com/en-us/security/bulletin/ms16-138"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"db": "BID",
"id": "94016"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"date": "2016-11-08T00:00:00",
"db": "BID",
"id": "94016"
},
{
"date": "2016-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"date": "2016-11-10T06:59:38.063000",
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"date": "2016-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11026"
},
{
"date": "2016-11-24T01:08:00",
"db": "BID",
"id": "94016"
},
{
"date": "2016-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005808"
},
{
"date": "2018-10-12T22:14:16.890000",
"db": "NVD",
"id": "CVE-2016-7225"
},
{
"date": "2016-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "94016"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft Windows 10 and Windows Server 2016 Privilege Escalation Vulnerability in Virtual Hard Disk Driver",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005808"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-172"
}
],
"trust": 0.6
}
}
VAR-202007-0310
Vulnerability from variot - Updated: 2023-12-18 12:16An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company.
Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices have security vulnerabilities, which stem from the inclusion of two undocumented administrator accounts. The sftp and mofidev accounts are defined in etc passwd, and the password is not unique in different installations. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-0310",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1809"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1709"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1607"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2004"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1803"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "2004"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1909"
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1903"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1909"
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "1903"
},
{
"model": "windows rt 8.1",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": null
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1607 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1709 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1803 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1809 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1909 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1909 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1909 for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 2004 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 2004 for arm64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 2004 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1903 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1909 (server core installation)"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 2004 (server core installation)"
},
{
"model": "windows server 2012",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2 (server core installation)"
},
{
"model": "windows server 2016",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2016",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "windows server 2019",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2019",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(server core installation)"
},
{
"model": "network mofi4500-4gxelte 3.6.1-std",
"scope": null,
"trust": 0.6,
"vendor": "mofi",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1385"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Zhiniang Peng (@edwardzpeng) \u0026 Xuefeng Li,Anonymous researcher",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
],
"trust": 0.6
},
"cve": "CVE-2020-1385",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007888",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-13971",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007888",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-1385",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-007888",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-13971",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-644",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka \u0027Windows Credential Picker Elevation of Privilege Vulnerability\u0027. Mofi Network MOFI4500-4GXeLTE is a wireless router of Mofi Network Company. \n\r\n\r\nMofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices have security vulnerabilities, which stem from the inclusion of two undocumented administrator accounts. The sftp and mofidev accounts are defined in etc passwd, and the password is not unique in different installations. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "CNVD",
"id": "CNVD-2021-13971"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-1385",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-13971",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47897",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"id": "VAR-202007-0310",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
}
]
},
"last_update_date": "2023-12-18T12:16:38.024000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2020-1385 | Windows Credential Picker Elevation of Privilege Vulnerability",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2020-1385"
},
{
"title": "CVE-2020-1385 | Windows Credential Picker \u306e\u7279\u6a29\u306e\u6607\u683c\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2020-1385"
},
{
"title": "Patch for Mofi Network MOFI4500-4GXeLTE has unspecified vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/250481"
},
{
"title": "Microsoft Windows Credential Picker Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=124398"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-269",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2020-1385"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1385"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1385"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20200715-ms.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2020/at200029.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13858"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/microsoft-windows-vulnerabilities-of-july-2020-32825"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47897"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2020-1385"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"date": "2020-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"date": "2020-07-14T23:15:15.417000",
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"date": "2020-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-13971"
},
{
"date": "2020-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007888"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-1385"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Microsoft Windows Elevated permissions vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007888"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-644"
}
],
"trust": 0.6
}
}
VAR-201603-0279
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0279",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0962",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0962",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88472",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0962",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0962",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-197",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88472",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0962",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0962",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88472",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0962",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"id": "VAR-201603-0279",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:13.028000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Adobe Flash Player Repair measures for memory corruption vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60555"
},
{
"title": "Red Hat: CVE-2016-0962",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0962"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0962"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0962"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88472"
},
{
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88472"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:05.023000",
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88472"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0962"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001723"
},
{
"date": "2022-12-14T19:33:52.987000",
"db": "NVD",
"id": "CVE-2016-0962"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-197"
}
],
"trust": 0.6
}
}
VAR-201603-0266
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-0999 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. The product enables viewing of applications, content and video across screens and browsers. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0266",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1000"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-1000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-1000",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88510",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1000",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1000",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-181",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88510",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1000",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999. This vulnerability CVE-2016-0987 , CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 ,and CVE-2016-0999 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. The product enables viewing of applications, content and video across screens and browsers. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-88510",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39610",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1000",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39610",
"trust": 1.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "136360",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88510",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"id": "VAR-201603-0266",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:13.070000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60540"
},
{
"title": "Red Hat: CVE-2016-1000",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-1000"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39610/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1582.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2016-1583.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1000"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1000"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88510"
},
{
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88510"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:21.027000",
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88510"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1000"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001739"
},
{
"date": "2022-12-14T19:44:00.990000",
"db": "NVD",
"id": "CVE-2016-1000"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-181"
}
],
"trust": 0.6
}
}
VAR-201603-0272
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0989"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0989",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0989",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88499",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0989",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0989",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-190",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88499",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0989",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0989",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88499",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0989",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"id": "VAR-201603-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.218000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60549"
},
{
"title": "Red Hat: CVE-2016-0989",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0989"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0989"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0989"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88499"
},
{
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88499"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:09.963000",
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88499"
},
{
"date": "2023-04-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0989"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001728"
},
{
"date": "2023-04-26T18:38:04.547000",
"db": "NVD",
"id": "CVE-2016-0989"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001728"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-190"
}
],
"trust": 0.6
}
}
VAR-201602-0325
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code by using inappropriate reference processing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of instanceof. The issue lies in the failure to safely hold a reference to arguments during execution of the function. A use-after-free vulnerability exists in the 'instanceof' function of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0975"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
}
],
"trust": 0.7
},
"cve": "CVE-2016-0975",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0975",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0975",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88485",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0975",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2016-0975",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-233",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88485",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0975",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in the instanceof function in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code by leveraging improper reference handling, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0982, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0982 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code by using inappropriate reference processing. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of instanceof. The issue lies in the failure to safely hold a reference to arguments during execution of the function. A use-after-free vulnerability exists in the \u0027instanceof\u0027 function of several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0975",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-16-160",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3452",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88485",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"id": "VAR-201602-0325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88485"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.830000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 1.5,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60175"
},
{
"title": "Red Hat: CVE-2016-0975",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0975"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://zerodayinitiative.com/advisories/zdi-16-160/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0975"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0975"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43851"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"db": "VULHUB",
"id": "VHN-88485"
},
{
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88485"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:23.030000",
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "ZDI",
"id": "ZDI-16-160"
},
{
"date": "2023-01-20T00:00:00",
"db": "VULHUB",
"id": "VHN-88485"
},
{
"date": "2023-01-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0975"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001436"
},
{
"date": "2023-01-20T13:39:30.860000",
"db": "NVD",
"id": "CVE-2016-0975"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001436"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-233"
}
],
"trust": 0.6
}
}
VAR-201603-0200
Vulnerability from variot - Updated: 2023-12-18 12:06Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1001"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-1001",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-1001",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-88743",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1001",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1001",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-180",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88743",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1001",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors. An attacker could exploit this vulnerability to execute arbitrary code. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39609",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1001"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1001",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "39609",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180",
"trust": 0.7
},
{
"db": "BID",
"id": "84310",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136361",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-88743",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1001",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"id": "VAR-201603-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.750000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60539"
},
{
"title": "Red Hat: CVE-2016-1001",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-1001"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1001 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/39609/"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1001"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1001"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88743"
},
{
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88743"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:21.900000",
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88743"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1001"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001740"
},
{
"date": "2022-12-14T19:40:57.873000",
"db": "NVD",
"id": "CVE-2016-1001"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001740"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-180"
}
],
"trust": 0.6
}
}
VAR-201603-0278
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0278",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0961"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0961",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0961",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88471",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0961",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0961",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-192",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88471",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0961",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-0992 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0961",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88471",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"id": "VAR-201603-0278",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=217646"
},
{
"title": "Red Hat: CVE-2016-0961",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0961"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0961"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0961"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=46664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88471"
},
{
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88471"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:03.773000",
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88471"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0961"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001722"
},
{
"date": "2022-12-14T19:35:13.937000",
"db": "NVD",
"id": "CVE-2016-0961"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001722"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-192"
}
],
"trust": 0.6
}
}
VAR-201602-0332
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0332",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0982"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0982",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0982",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88492",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0982",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0982",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-240",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88492",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0982",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0983, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0983 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0982",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88492",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0982",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"id": "VAR-201602-0332",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.345000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60182"
},
{
"title": "Red Hat: CVE-2016-0982",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0982"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0982"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0982"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88492"
},
{
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88492"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:30.530000",
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88492"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0982"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001480"
},
{
"date": "2023-01-26T21:38:33.867000",
"db": "NVD",
"id": "CVE-2016-0982"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001480"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-240"
}
],
"trust": 0.6
}
}
VAR-201602-0333
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0982 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0333",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0983"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0983",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88493",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0983",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0983",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-241",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88493",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0983",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, and CVE-2016-0984. This vulnerability CVE-2016-0973 , CVE-2016-0974 , CVE-2016-0975 , CVE-2016-0982 ,and CVE-2016-0984 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0983",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88493",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0983",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"id": "VAR-201602-0333",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88493"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.951000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60183"
},
{
"title": "Red Hat: CVE-2016-0983",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0983"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0983"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0983"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88493"
},
{
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88493"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:31.657000",
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-88493"
},
{
"date": "2023-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0983"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001467"
},
{
"date": "2023-01-26T21:42:47.407000",
"db": "NVD",
"id": "CVE-2016-0983"
},
{
"date": "2023-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001467"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-241"
}
],
"trust": 0.6
}
}
VAR-201603-0275
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier versions, AIR for Android 20.0.0.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0275",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0992"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0992",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0992",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88502",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0992",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0992",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-187",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88502",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0992",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005. This vulnerability CVE-2016-0960 , CVE-2016-0961 , CVE-2016-0962 , CVE-2016-0986 , CVE-2016-0989 , CVE-2016-1002 ,and CVE-2016-1005 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier versions, AIR for Android 20.0.0. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0992",
"trust": 2.8
},
{
"db": "BID",
"id": "84311",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88502",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0992",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"id": "VAR-201603-0275",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88502"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.989000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60546"
},
{
"title": "Red Hat: CVE-2016-0992",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0992"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0962 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0960 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0986 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1002 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0961 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0989 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1005 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0992 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84311"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0992"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0992"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88502"
},
{
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88502"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:12.823000",
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88502"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0992"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001731"
},
{
"date": "2022-12-14T19:20:13.527000",
"db": "NVD",
"id": "CVE-2016-0992"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001731"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-187"
}
],
"trust": 0.6
}
}
VAR-201602-0337
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0966"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0966",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0966",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88476",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0966",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0966",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-224",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88476",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0966",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0966",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88476",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0966",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"id": "VAR-201602-0337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.102000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60166"
},
{
"title": "Red Hat: CVE-2016-0966",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0966"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0966"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0966"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88476"
},
{
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88476"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:13.797000",
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88476"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0966"
},
{
"date": "2016-02-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001425"
},
{
"date": "2023-01-30T18:00:02.307000",
"db": "NVD",
"id": "CVE-2016-0966"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-224"
}
],
"trust": 0.6
}
}
VAR-201602-0329
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0979"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0979",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0979",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88489",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0979",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0979",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-237",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88489",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0979",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0979",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88489",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0979",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"id": "VAR-201602-0329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88489"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.056000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60179"
},
{
"title": "Red Hat: CVE-2016-0979",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0979"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0979"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0979"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43832"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88489"
},
{
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88489"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:27.157000",
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88489"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0979"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001466"
},
{
"date": "2023-01-30T17:53:26.830000",
"db": "NVD",
"id": "CVE-2016-0979"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001466"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-237"
}
],
"trust": 0.6
}
}
VAR-201603-0270
Vulnerability from variot - Updated: 2023-12-18 12:06Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0438-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html Issue date: 2016-03-11 CVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005, CVE-2016-1010)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.577.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.577-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.577-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.577-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0960 https://access.redhat.com/security/cve/CVE-2016-0961 https://access.redhat.com/security/cve/CVE-2016-0962 https://access.redhat.com/security/cve/CVE-2016-0963 https://access.redhat.com/security/cve/CVE-2016-0986 https://access.redhat.com/security/cve/CVE-2016-0987 https://access.redhat.com/security/cve/CVE-2016-0988 https://access.redhat.com/security/cve/CVE-2016-0989 https://access.redhat.com/security/cve/CVE-2016-0990 https://access.redhat.com/security/cve/CVE-2016-0991 https://access.redhat.com/security/cve/CVE-2016-0992 https://access.redhat.com/security/cve/CVE-2016-0993 https://access.redhat.com/security/cve/CVE-2016-0994 https://access.redhat.com/security/cve/CVE-2016-0995 https://access.redhat.com/security/cve/CVE-2016-0996 https://access.redhat.com/security/cve/CVE-2016-0997 https://access.redhat.com/security/cve/CVE-2016-0998 https://access.redhat.com/security/cve/CVE-2016-0999 https://access.redhat.com/security/cve/CVE-2016-1000 https://access.redhat.com/security/cve/CVE-2016-1001 https://access.redhat.com/security/cve/CVE-2016-1002 https://access.redhat.com/security/cve/CVE-2016-1005 https://access.redhat.com/security/cve/CVE-2016-1010 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx fg/pDiOCh9x1HJhk/a+BDeA= =4hyN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.2.2.306"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.569"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "air",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (android)"
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.176 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.176 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.577 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "21.0.0.182 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 21.0.0.182 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.333 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.306"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player esr",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "18.0.0.329"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.260"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.569",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.2.2.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.306",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.260",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0987"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0987",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0987",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0987",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0987",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-196",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88497",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0987",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK \u0026 Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. This vulnerability CVE-2016-0988 , CVE-2016-0990 , CVE-2016-0991 , CVE-2016-0994 , CVE-2016-0995 , CVE-2016-0996 , CVE-2016-0997 , CVE-2016-0998 , CVE-2016-0999 ,and CVE-2016-1000 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.306 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.329 and earlier versions, AIR Desktop Runtime 20.0.0.260 and earlier versions, based on Windows, Macintosh , Adobe Flash Player for Google Chrome 20.0.0.306 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.306 and earlier versions based on Windows 10 platform, and Adobe Flash Player for Windows 8.1-based platforms Internet Explorer 11 20.0.0.306 and earlier versions, Adobe Flash Player for Linux 11.2.202.569 and earlier versions based on Linux platforms, AIR SDK 20.0.0.260 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.260 and earlier, AIR for Android 20.0.0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0438-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0438.html\nIssue date: 2016-03-11\nCVE Names: CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 \n CVE-2016-0963 CVE-2016-0986 CVE-2016-0987 \n CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 \n CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 \n CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 \n CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 \n CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 \n CVE-2016-1005 CVE-2016-1010 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-08 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0960, CVE-2016-0961,\nCVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988,\nCVE-2016-0989, CVE-2016-0990, CVE-2016-0991, CVE-2016-0992, CVE-2016-0993,\nCVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998,\nCVE-2016-0999, CVE-2016-1000, CVE-2016-1001, CVE-2016-1002, CVE-2016-1005,\nCVE-2016-1010)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.577. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1316809 - flash-plugin: multiple code execution issues fixed in APSB16-08\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.577-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0960\nhttps://access.redhat.com/security/cve/CVE-2016-0961\nhttps://access.redhat.com/security/cve/CVE-2016-0962\nhttps://access.redhat.com/security/cve/CVE-2016-0963\nhttps://access.redhat.com/security/cve/CVE-2016-0986\nhttps://access.redhat.com/security/cve/CVE-2016-0987\nhttps://access.redhat.com/security/cve/CVE-2016-0988\nhttps://access.redhat.com/security/cve/CVE-2016-0989\nhttps://access.redhat.com/security/cve/CVE-2016-0990\nhttps://access.redhat.com/security/cve/CVE-2016-0991\nhttps://access.redhat.com/security/cve/CVE-2016-0992\nhttps://access.redhat.com/security/cve/CVE-2016-0993\nhttps://access.redhat.com/security/cve/CVE-2016-0994\nhttps://access.redhat.com/security/cve/CVE-2016-0995\nhttps://access.redhat.com/security/cve/CVE-2016-0996\nhttps://access.redhat.com/security/cve/CVE-2016-0997\nhttps://access.redhat.com/security/cve/CVE-2016-0998\nhttps://access.redhat.com/security/cve/CVE-2016-0999\nhttps://access.redhat.com/security/cve/CVE-2016-1000\nhttps://access.redhat.com/security/cve/CVE-2016-1001\nhttps://access.redhat.com/security/cve/CVE-2016-1002\nhttps://access.redhat.com/security/cve/CVE-2016-1005\nhttps://access.redhat.com/security/cve/CVE-2016-1010\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFW4xBVXlSAg2UNWIIRAkCgAKCHw64puWPWdM5cVPU2vBI1mHZyFgCeI2Rx\nfg/pDiOCh9x1HJhk/a+BDeA=\n=4hyN\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0987",
"trust": 2.8
},
{
"db": "BID",
"id": "84312",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1035251",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88497",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136178",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"id": "VAR-201603-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88497"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.461000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"title": "APSB16-08",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-08.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-036.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3144756)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-036.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160314f.html"
},
{
"title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60554"
},
{
"title": "Red Hat: CVE-2016-0987",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0987"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0996 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0997 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0995 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0994 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0987 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0990 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0998 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-1000 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2016-0999 "
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/adobe-patches-23-vulnerabilities-in-todays-flash-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/84312"
},
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1035251"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0987"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160311-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160014.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0987"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17875"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/416.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0961"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0963"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0994"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2016-0438.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0997"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0990"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0993"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0960"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0986"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0998"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0989"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0988"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-1010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0999"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0992"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0991"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0990"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88497"
},
{
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "136178"
},
{
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-12T00:00:00",
"db": "VULHUB",
"id": "VHN-88497"
},
{
"date": "2016-03-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-03-11T23:23:00",
"db": "PACKETSTORM",
"id": "136178"
},
{
"date": "2016-03-12T15:59:07.823000",
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"date": "2016-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-88497"
},
{
"date": "2022-12-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0987"
},
{
"date": "2016-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001726"
},
{
"date": "2022-12-14T19:02:35.967000",
"db": "NVD",
"id": "CVE-2016-0987"
},
{
"date": "2022-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001726"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-196"
}
],
"trust": 0.6
}
}
VAR-201602-0328
Vulnerability from variot - Updated: 2023-12-18 12:06Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0328",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "18.0.0.326"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.272"
},
{
"model": "air sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "flash player desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air desktop runtime",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.2.202.559"
},
{
"model": "air sdk \\\u0026 compiler",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "chrome",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "air",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.260 (windows/macintosh)"
},
{
"model": "air sdk",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "air sdk \u0026 compiler",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.260 (windows/macintosh/android/ios)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.2.202.569 (linux)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows 8.1 edition internet explorer 11)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "desktop runtime 20.0.0.306 (windows/macintosh)"
},
{
"model": "flash player",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous support release 18.0.0.329 (windows/macintosh)"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for 32-bit systems"
},
{
"model": "windows 10",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "version 1511 for x64-based systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for 32-bit systems"
},
{
"model": "windows 8.1",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "for x64-based systems"
},
{
"model": "windows rt 8.1",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2012",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "r2"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.286"
},
{
"model": "air sdk \\\\\\\u0026 compiler",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.245"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.207"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.185"
},
{
"model": "air sdk",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.228"
},
{
"model": "air",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.233"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "19.0.0.226"
},
{
"model": "flash player",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "20.0.0.235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.2.202.559",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*",
"cpe_name": [],
"versionEndIncluding": "18.0.0.326",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.286",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.272",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "20.0.0.233",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
}
],
"trust": 0.1
},
"cve": "CVE-2016-0978",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-0978",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-88488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-0978",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-0978",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-236",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-88488",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-0978",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0970 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-0978",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034970",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-88488",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-0978",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136202",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135727",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"id": "VAR-201602-0328",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:12.627000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"title": "APSB16-04",
"trust": 0.8,
"url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html"
},
{
"title": "Google Chrome",
"trust": 0.8,
"url": "https://www.google.com/intl/ja/chrome/browser/features.html"
},
{
"title": "Chrome Releases",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.jp/"
},
{
"title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b",
"trust": 0.8,
"url": "https://support.google.com/chrome/answer/95414?hl=ja"
},
{
"title": "Security Update for Adobe Flash Player (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx"
},
{
"title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)",
"trust": 0.8,
"url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160212f.html"
},
{
"title": "Multiple Adobe Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60178"
},
{
"title": "Red Hat: CVE-2016-0978",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0978"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1034970"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0978"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2016/at160008.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0978"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=43831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0983"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0976"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0967"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0970"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0977"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0978"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0979"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0985"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0984"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0972"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0966"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0969"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0968"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0982"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0964"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0981"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0965"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0975"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-0980"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-88488"
},
{
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "PACKETSTORM",
"id": "135727"
},
{
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-88488"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"date": "2016-03-14T14:50:59",
"db": "PACKETSTORM",
"id": "136202"
},
{
"date": "2016-02-11T17:41:19",
"db": "PACKETSTORM",
"id": "135727"
},
{
"date": "2016-02-10T20:59:26.280000",
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-88488"
},
{
"date": "2023-01-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-0978"
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001465"
},
{
"date": "2023-01-30T17:53:35.487000",
"db": "NVD",
"id": "CVE-2016-0978"
},
{
"date": "2023-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136202"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001465"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-236"
}
],
"trust": 0.6
}
}