All the vulnerabilites related to Google - Chrome
var-201112-0288
Vulnerability from variot
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi. WebKit is prone to an information-disclosure vulnerability. A remote attacker can exploit this issue to obtain sensitive information that may aid in further attacks. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201112-0288", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "chrome", "scope": "lte", "trust": 1.8, "vendor": "google", "version": "15" }, { "model": "safari", "scope": "lte", "trust": 1.8, "vendor": "apple", "version": "5.1.1" }, { "model": "webkit", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "*" }, { "model": "safari", "scope": "eq", "trust": 0.9, "vendor": "apple", "version": "5.1.1" }, { "model": "webkit", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.220" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.101" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.94" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.57" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.100" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "2" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.223" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.303" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.20" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.43" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.300" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.203" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.105" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.211" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.18" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.221" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.104" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.213" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.306" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.102" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.204" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.307" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.208" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.128" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.301" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.15" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.16" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.17" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.204" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.222" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.215" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.127" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.65" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.225" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.21" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.107" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.302" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.219" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.310" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.218" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.103" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.217" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.224" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.112" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.71" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.100" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.91" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.308" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.84" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.210" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.550.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.107" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.120" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.77" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.309" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.214" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.209" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.202" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.226" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.1" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.201" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.68" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.672.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.121" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.163" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.549.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.304" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.207" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.112" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.212" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.305" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.216" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.237" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.344" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874102" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.206" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.133" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.215" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.200" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.186" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2-1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.202" } ], "sources": [ { "db": "BID", "id": "51050" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.1.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-4692" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "51050" } ], "trust": 0.3 }, "cve": "CVE-2011-4692", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2011-4692", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-52637", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-4692", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201112-093", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-52637", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-52637" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi. WebKit is prone to an information-disclosure vulnerability. \nA remote attacker can exploit this issue to obtain sensitive information that may aid in further attacks. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome", "sources": [ { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "BID", "id": "51050" }, { "db": "VULHUB", "id": "VHN-52637" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-4692", "trust": 2.8 }, { "db": "JVNDB", "id": "JVNDB-2011-003316", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201112-093", "trust": 0.7 }, { "db": "NSFOCUS", "id": "18334", "trust": 0.6 }, { "db": "NSFOCUS", "id": "18376", "trust": 0.6 }, { "db": "BID", "id": "51050", "trust": 0.4 }, { "db": "VULHUB", "id": "VHN-52637", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-52637" }, { "db": "BID", "id": "51050" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "id": "VAR-201112-0288", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-52637" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:30:03.035000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top Page", "trust": 0.8, "url": "http://www.apple.com/" }, { "title": "Google Chrome", "trust": 0.8, "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003316" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-52637" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://oxplot.github.com/visipisi/visipisi.html" }, { "trust": 1.7, "url": "http://lcamtuf.coredump.cx/cachetime/" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14098" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4692" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4692" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/18376" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/18334" }, { "trust": 0.3, "url": "http://www.webkit.org/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-52637" }, { "db": "BID", "id": "51050" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-52637" }, { "db": "BID", "id": "51050" }, { "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "db": "NVD", "id": "CVE-2011-4692" }, { "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-07T00:00:00", "db": "VULHUB", "id": "VHN-52637" }, { "date": "2011-12-13T00:00:00", "db": "BID", "id": "51050" }, { "date": "2011-12-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "date": "2011-12-07T19:55:03.267000", "db": "NVD", "id": "CVE-2011-4692" }, { "date": "2011-12-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-19T00:00:00", "db": "VULHUB", "id": "VHN-52637" }, { "date": "2015-03-19T08:34:00", "db": "BID", "id": "51050" }, { "date": "2011-12-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003316" }, { "date": "2017-09-19T01:34:26.337000", "db": "NVD", "id": "CVE-2011-4692" }, { "date": "2011-12-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201112-093" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201112-093" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebKit Vulnerabilities in which image data in browser cache is presumed", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003316" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201112-093" } ], "trust": 0.6 } }
var-201603-0072
Vulnerability from variot
Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8655 , CVE-2015-8821 ,and CVE-2015-8822 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers MPEG-4 An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force a dangling pointer to be reused after it has been freed. Adobe Flash Player, Adobe AIR SDK and Adobe AIR SDK & Compiler are all products of American Adobe (Adobe). A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK & Compiler 19.0.0
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201603-0072", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.548" }, { "model": "air sdk", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.241" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.245" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.261" }, { "model": "air desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.241" }, { "model": "air", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.241" }, { "model": "flash player desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.245" }, { "model": "air sdk \\\u0026 compiler", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.241" }, { "model": "chrome", "scope": "lt", "trust": 0.8, "vendor": "google", "version": "47.0.2526.80 (windows/macintosh/linux/chrome os)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.204 (android)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 20.0.0.204 (windows/macintosh)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.204 (windows/macintosh/android/ios)" }, { "model": "air sdk \u0026 compiler", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.204 (windows/macintosh/android/ios)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.554 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.228 (windows 10 edition microsoft edge/internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.228 (windows 8.0 and 8.1 edition internet explorer 10/11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.228 (windows/macintosh/linux/chromeos edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime (firefox and safari support for ) 20.0.0.235 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime (internet explorer support for ) 20.0.0.228 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.268 (windows/macintosh)" }, { "model": "edge", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "(windows 10)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "10 (windows 8/windows server 2012/windows rt)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)" }, { "model": "flash", "scope": null, "trust": 0.7, "vendor": "adobe", "version": null }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.286" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.245" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.207" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.185" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.228" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.261" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.226" }, { "model": "air sdk", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.241" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.235" }, { "model": "air sdk \\\\\\\u0026 compiler", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.241" } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.548", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.261", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.245", "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.241", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2015-8653" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "AbdulAziz Hariri - HPE Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-15-657" } ], "trust": 0.7 }, "cve": "CVE-2015-8653", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2015-8653", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2015-8653", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-86614", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2015-8653", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2015-8653", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201603-035", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-86614", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2015-8653", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULHUB", "id": "VHN-86614" }, { "db": "VULMON", "id": "CVE-2015-8653" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player and Adobe AIR Use freed memory (Use-after-free) May allow arbitrary code execution vulnerabilities. This vulnerability CVE-2015-8048 , CVE-2015-8049 , CVE-2015-8050 , CVE-2015-8055 , CVE-2015-8056 , CVE-2015-8057 , CVE-2015-8058 , CVE-2015-8059 , CVE-2015-8061 , CVE-2015-8062 , CVE-2015-8063 , CVE-2015-8064 , CVE-2015-8065 , CVE-2015-8066 , CVE-2015-8067 , CVE-2015-8068 , CVE-2015-8069 , CVE-2015-8070 , CVE-2015-8071 , CVE-2015-8401 , CVE-2015-8402 , CVE-2015-8403 , CVE-2015-8404 , CVE-2015-8405 , CVE-2015-8406 , CVE-2015-8410 , CVE-2015-8411 , CVE-2015-8412 , CVE-2015-8413 , CVE-2015-8414 , CVE-2015-8420 , CVE-2015-8421 , CVE-2015-8422 , CVE-2015-8423 , CVE-2015-8424 , CVE-2015-8425 , CVE-2015-8426 , CVE-2015-8427 , CVE-2015-8428 , CVE-2015-8429 , CVE-2015-8430 , CVE-2015-8431 , CVE-2015-8432 , CVE-2015-8433 , CVE-2015-8434 , CVE-2015-8435 , CVE-2015-8436 , CVE-2015-8437 , CVE-2015-8441 , CVE-2015-8442 , CVE-2015-8447 , CVE-2015-8448 , CVE-2015-8449 , CVE-2015-8450 , CVE-2015-8452 , CVE-2015-8454 , CVE-2015-8655 , CVE-2015-8821 ,and CVE-2015-8822 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers MPEG-4 An arbitrary code may be executed via the data. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within MPEG-4 parsing. A specially crafted MP4 file can force a dangling pointer to be reused after it has been freed. Adobe Flash Player, Adobe AIR SDK and Adobe AIR SDK \u0026 Compiler are all products of American Adobe (Adobe). A use-after-free vulnerability exists in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.245 and earlier versions based on Windows and Macintosh platforms and Adobe Flash Player Extended Support Release 18.0.0.261 and earlier versions, Adobe Flash based on Windows, Macintosh, Linux and ChromeOS platforms Player for Google Chrome 19.0.0.245 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 19.0.0.245 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 19.0 on Windows 8.0 and 8.1 .0.245 and earlier versions, Adobe Flash Player for Linux 11.2.202.548 and earlier versions based on Linux platforms, AIR Desktop Runtime 19.0.0.241 and earlier versions based on Windows and Macintosh platforms, AIR SDK based on Windows, Macintosh, Android and iOS platforms 19.0.0.241 and earlier versions and AIR SDK \u0026 Compiler 19.0.0", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULHUB", "id": "VHN-86614" } ], "trust": 1.44 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-8653", "trust": 3.3 }, { "db": "ZDI", "id": "ZDI-15-657", "trust": 2.5 }, { "db": "BID", "id": "84162", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2015-006962", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-3412", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201603-035", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-86614", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2015-8653", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULHUB", "id": "VHN-86614" }, { "db": "VULMON", "id": "CVE-2015-8653" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "id": "VAR-201603-0072", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-86614" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:06:07.208000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB15-32", "trust": 1.5, "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "title": "APSB15-32", "trust": 0.8, "url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-32.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Stable Channel Update", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update_8.html" }, { "title": "Stable Channel Update for Chrome OS", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update-for-chrome-os_9.html" }, { "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/2755801" }, { "title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/2755801" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20151210f.html" }, { "title": "Multiple Adobe Remediation measures for reusing vulnerabilities after product release", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60396" }, { "title": "Red Hat: Critical: flash-plugin security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20152593 - security advisory" }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULMON", "id": "CVE-2015-8653" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.1 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-86614" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" }, { "trust": 1.8, "url": "http://www.securityfocus.com/bid/84162" }, { "trust": 1.8, "url": "http://www.zerodayinitiative.com/advisories/zdi-15-657" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8653" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20151209-adobeflashplayer.html" }, { "trust": 0.8, "url": "https://www.jpcert.or.jp/at/2015/at150042.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8653" }, { "trust": 0.8, "url": "https://www.npa.go.jp/cyberpolice/topics/?seq=17283" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/416.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2015:2593" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=42571" } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULHUB", "id": "VHN-86614" }, { "db": "VULMON", "id": "CVE-2015-8653" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-15-657" }, { "db": "VULHUB", "id": "VHN-86614" }, { "db": "VULMON", "id": "CVE-2015-8653" }, { "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "db": "NVD", "id": "CVE-2015-8653" }, { "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-03-02T00:00:00", "db": "ZDI", "id": "ZDI-15-657" }, { "date": "2016-03-04T00:00:00", "db": "VULHUB", "id": "VHN-86614" }, { "date": "2016-03-04T00:00:00", "db": "VULMON", "id": "CVE-2015-8653" }, { "date": "2016-03-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "date": "2016-03-04T23:59:01.797000", "db": "NVD", "id": "CVE-2015-8653" }, { "date": "2016-03-07T00:00:00", "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-03-02T00:00:00", "db": "ZDI", "id": "ZDI-15-657" }, { "date": "2023-01-30T00:00:00", "db": "VULHUB", "id": "VHN-86614" }, { "date": "2023-05-08T00:00:00", "db": "VULMON", "id": "CVE-2015-8653" }, { "date": "2016-03-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-006962" }, { "date": "2023-05-08T13:29:02.290000", "db": "NVD", "id": "CVE-2015-8653" }, { "date": "2023-02-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201603-035" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201603-035" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-006962" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201603-035" } ], "trust": 0.6 } }
var-201110-0472
Vulnerability from variot
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an proto property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. Used in multiple products Webkit Has the same origin policy (Same origin policy) There are vulnerabilities that can be avoided.Same origin policy by a third party (Same origin policy) May be avoided. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, bypass the cross-origin restrictions, perform spoofing attacks, and disclose potentially sensitive information, other attacks may also be possible. Versions prior to Chrome 15.0.874.102 are vulnerable. Google Chrome is a web browser developed by Google (Google). Remote attackers can bypass the same-origin policy with the help of unidentified vectors. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. CVE-ID CVE-2012-0640 : nshah
WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Apple iOS Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA48288
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48288/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48288
RELEASE DATE: 2012-03-09
DISCUSS ADVISORY: http://secunia.com/advisories/48288/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48288/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48288
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device.
1) An error within the CFNetwork component when handling URLs can be exploited to disclose sensitive information by tricking the user into visiting a malicious website.
3) A logic error within the kernel does not properly handle debug system calls and can be exploited to bypass the sandbox restrictions.
4) An integer overflow error within the libresolv library when handling DNS resource records can be exploited to corrupt heap memory.
9) A cross-origin error in the WebKit component can be exploited to bypass the same-origin policy and disclose a cookie by tricking the user into visiting a malicious website.
10) An error within the WebKit component when handling drag-and-drop actions can be exploited to conduct cross-site scripting attacks.
11) Multiple unspecified errors within the WebKit component can be exploited to conduct cross-site scripting attacks.
12) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.
SOLUTION: Apply iOS 5.1 Software Update.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Erling Ellingsen, Facebook. 2, 8) pod2g. 3) 2012 iOS Jailbreak Dream Team. 5) Roland Kohler, the German Federal Ministry of Economics and Technology. 6) Eric Melville, American Express. 9) Sergey Glazunov.
ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5192
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook
HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g
Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology
Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express
Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645
VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com
WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.
The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01
http://security.gentoo.org/
Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01
Synopsis
Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation.
Background
Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages -------------------------------------------------------------------
Description
Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.
Impact
A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57).
A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102"
All V8 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22"
References
[ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201110-0472", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "chrome", "scope": "lt", "trust": 1.8, "vendor": "google", "version": "15.0.874.102" }, { "model": "safari", "scope": "lt", "trust": 1.8, "vendor": "apple", "version": "5.1.4" }, { "model": "android", "scope": "lt", "trust": 1.0, "vendor": "google", "version": "4.4" }, { "model": "iphone os", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "5.1" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.3" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7.3" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "5.1 (ipad and ipad 2)" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "5.1 (iphone 3gs)" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "5.1 (iphone 4)" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "5.1 (iphone 4s)" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "5.1 (ipod touch (3rd generation) or later )" }, { "model": "ipad", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "iphone", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "ipod touch", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.775.4" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.1" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.776.1" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.4" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.775.2" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.2" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.776.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.3" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "13.0.777.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.220" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.101" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.94" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.57" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.100" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.5" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.0.2.20" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.223" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.8" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.303" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.506.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.1.8" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.0" }, { "model": "itunes", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "10.6" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.20" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.43" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.300" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.539.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.535.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.203" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.105" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.10" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.211" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.28" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.499.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.18" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.541.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.221" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.39" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.30" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.104" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.524.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.213" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.306" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.102" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.530.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.17" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.307" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.204" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.208" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.128" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.503.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.2" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.301" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.521.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.18" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.520.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.2" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "11.0.700.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.544.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.528.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.500.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.15" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.16" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.10" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.17" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.35" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.204" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.222" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.215" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.127" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.65" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.31" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.21" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.10" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.225" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.526.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.21" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.498.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.20" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.505.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.535.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.497.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.16" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.514.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.107" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.302" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.219" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.310" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.515.0" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.5" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.218" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.103" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.217" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "13.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.224" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.27" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.112" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.71" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "8.0.555.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.100" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.34" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.540.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.7" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.499.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.548.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.542.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.518.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.91" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.9" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.510.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.511.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.38" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.308" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.529.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "9.0.597.84" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.210" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.550.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.525.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.24" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.503.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.547.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.5" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.33" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "11.0.700.2" }, { "model": "ios beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.23" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.107" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.500.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.309" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.77" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.214" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.2.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.209" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.202" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.226" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.551.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.37" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.547.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.201" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.509.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.531.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.26" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.32" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.22" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.507.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.40" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.43" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.68" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.672.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.36" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.8" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.42" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.7" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.504.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.549.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.44" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "11.0.700.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.514.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.304" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.207" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.112" }, { "model": "safari beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.212" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.305" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.216" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.237" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "8.0.555.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.344" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.512.0" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "15" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.41" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.29" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.206" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.133" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.516.0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.215" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "8.0.552.200" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "11.0.700.3" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.4" }, { "model": "chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "15.0.874102" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.3" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.536.3" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.537.0" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "9.0.600.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.538.0" }, { "model": "iron", "scope": "eq", "trust": 0.3, "vendor": "srware", "version": "13.0.800.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.519.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.5" }, { "model": "iron", "scope": "ne", "trust": 0.3, "vendor": "srware", "version": "15.0.900.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.513.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.517.25" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "7.0.522.0" } ], "sources": [ { "db": "BID", "id": "50360" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.0.874.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.4", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.1.4", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-3881" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Jordi Chancel, Marc Novak, Juho Nurminen, Tom Sepez(Google Chrome Security Team), miaubiz, Masato Kinugawa, Vladimir Vorontsov(ONsec company), Sergey Glazunov, Inferno(Google Chrome Security Team), Brian Ryner(Chromium development community), Christian Hol", "sources": [ { "db": "BID", "id": "50360" } ], "trust": 0.3 }, "cve": "CVE-2011-3881", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2011-3881", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-51826", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-3881", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201110-608", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-51826", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-51826" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. Used in multiple products Webkit Has the same origin policy (Same origin policy) There are vulnerabilities that can be avoided.Same origin policy by a third party (Same origin policy) May be avoided. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, bypass the cross-origin restrictions, perform spoofing attacks, and disclose potentially sensitive information, other attacks may also be possible. \nVersions prior to Chrome 15.0.874.102 are vulnerable. Google Chrome is a web browser developed by Google (Google). Remote attackers can bypass the same-origin policy with the help of unidentified vectors. \nThese could be used in a malicious web site to direct the user to a\nspoofed site that visually appears to be a legitimate domain. This\nissue is addressed through an improved domain name validity check. \nThis issue does not affect OS X systems. \nCVE-ID\nCVE-2012-0640 : nshah\n\nWebKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,\nXP SP2 or later\nImpact: HTTP authentication credentials may be inadvertently\ndisclosed to another site\nDescription: If a site uses HTTP authentication and redirects to\nanother site, the authentication credentials may be sent to the other\nsite. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iOS Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48288\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48288/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48288\n\nRELEASE DATE:\n2012-03-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48288/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48288/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48288\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and multiple vulnerabilities have been reported in Apple\niOS, which can be exploited by malicious people with physical access\nto bypass certain security restrictions and by malicious people to\ndisclose sensitive information, conduct cross-site scripting attacks,\nbypass certain security restrictions, and compromise a user\u0027s device. \n\n1) An error within the CFNetwork component when handling URLs can be\nexploited to disclose sensitive information by tricking the user into\nvisiting a malicious website. \n\n3) A logic error within the kernel does not properly handle debug\nsystem calls and can be exploited to bypass the sandbox\nrestrictions. \n\n4) An integer overflow error within the libresolv library when\nhandling DNS resource records can be exploited to corrupt heap\nmemory. \n\n9) A cross-origin error in the WebKit component can be exploited to\nbypass the same-origin policy and disclose a cookie by tricking the\nuser into visiting a malicious website. \n\n10) An error within the WebKit component when handling drag-and-drop\nactions can be exploited to conduct cross-site scripting attacks. \n\n11) Multiple unspecified errors within the WebKit component can be\nexploited to conduct cross-site scripting attacks. \n\n12) Some vulnerabilities are caused due to a bundled vulnerable\nversion of WebKit. \n\nSOLUTION:\nApply iOS 5.1 Software Update. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Erling Ellingsen, Facebook. \n2, 8) pod2g. \n3) 2012 iOS Jailbreak Dream Team. \n5) Roland Kohler, the German Federal Ministry of Economics and\nTechnology. \n6) Eric Melville, American Express. \n9) Sergey Glazunov. \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT5192\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-03-07-2 iOS 5.1 Software Update\n\niOS 5.1 Software Update is now available and addresses the following:\n\nCFNetwork\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nunexpected request headers. \nCVE-ID\nCVE-2012-0641 : Erling Ellingsen of Facebook\n\nHFS\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Mounting a maliciously crafted disk image may lead to a\ndevice shutdown or arbitrary code execution\nDescription: An integer underflow existed with the handling of HFS\ncatalog files. \nCVE-ID\nCVE-2012-0642 : pod2g\n\nKernel\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A malicious program could bypass sandbox restrictions\nDescription: A logic issue existed in the handling of debug system\ncalls. This may allow a malicious program to gain code execution in\nother programs with the same user privileges. \nCVE-ID\nCVE-2012-0643 : 2012 iOS Jailbreak Dream Team\n\nlibresolv\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Applications that use the libresolv library may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An integer overflow existed in the handling of DNS\nresource records, which may lead to heap memory corruption. \nCVE-ID\nCVE-2011-3453 : Ilja van Sprundel of IOActive\n\nPasscode Lock\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A person with physical access to the device may be able to\nbypass the screen lock\nDescription: A race condition issue existed in the handling of slide\nto dial gestures. This may allow a person with physical access to the\ndevice to bypass the Passcode Lock screen. \nCVE-ID\nCVE-2012-0644 : Roland Kohler of the German Federal Ministry of\nEconomics and Technology\n\nSafari\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Web page visits may be recorded in browser history even when\nPrivate Browsing is active\nDescription: Safari\u0027s Private Browsing is designed to prevent\nrecording of a browsing session. Pages visited as a result of a site\nusing the JavaScript methods pushState or replaceState were recorded\nin the browser history even when Private Browsing mode was active. \nThis issue is addressed by not recording such visits when Private\nBrowsing is active. \nCVE-ID\nCVE-2012-0585 : Eric Melville of American Express\n\nSiri\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: An attacker with physical access to a locked phone could get\naccess to frontmost email message\nDescription: A design issue existed in Siri\u0027s lock screen\nrestrictions. If Siri was enabled for use on the lock screen, and\nMail was open with a message selected behind the lock screen, a voice\ncommand could be used to send that message to an arbitrary recipient. \nThis issue is addressed by disabling forwarding of active messages\nfrom the lock screen. \nCVE-ID\nCVE-2012-0645\n\nVPN\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: A maliciously crafted system configuration file may lead to\narbitrary code execution with system privileges\nDescription: A format string vulnerability existed in the handling\nof racoon configuration files. \nCVE-ID\nCVE-2012-0646 : pod2g\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of cookies\nDescription: A cross-origin issue existed in WebKit, which may allow\ncookies to be disclosed across origins. \nCVE-ID\nCVE-2011-3887 : Sergey Glazunov\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website and dragging content\nwith the mouse may lead to a cross-site scripting attack\nDescription: A cross-origin issue existed in WebKit, which may allow\ncontent to be dragged and dropped across origins. \nCVE-ID\nCVE-2012-0590 : Adam Barth of Google Chrome Security Team\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: Multiple cross-origin issues existed in WebKit. \nCVE-ID\nCVE-2011-3881 : Sergey Glazunov\nCVE-2012-0586 : Sergey Glazunov\nCVE-2012-0587 : Sergey Glazunov\nCVE-2012-0588 : Jochen Eisinger of Google Chrome Team\nCVE-2012-0589 : Alan Austin of polyvore.com\n\nWebKit\nAvailable for: iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nCVE-ID\nCVE-2011-2825 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-2833 : Apple\nCVE-2011-2846 : Arthur Gerkis, miaubiz\nCVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense\nVCP\nCVE-2011-2857 : miaubiz\nCVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2867 : Dirk Schulze\nCVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2869 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google\nChrome Security Team using AddressSanitizer\nCVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2877 : miaubiz\nCVE-2011-3885 : miaubiz\nCVE-2011-3888 : miaubiz\nCVE-2011-3897 : pa_kt working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-3908 : Aki Helin of OUSPG\nCVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu\nCVE-2011-3928 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0591 : miaubiz, and Martin Barbella\nCVE-2012-0592 : Alexander Gavrun working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2012-0593 : Lei Zhang of the Chromium development community\nCVE-2012-0594 : Adam Klein of the Chromium development community\nCVE-2012-0595 : Apple\nCVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0597 : miaubiz\nCVE-2012-0598 : Sergey Glazunov\nCVE-2012-0599 : Dmytro Gorbunov of SaveSources.com\nCVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google\nChrome, miaubiz, Aki Helin of OUSPG, Apple\nCVE-2012-0601 : Apple\nCVE-2012-0602 : Apple\nCVE-2012-0603 : Apple\nCVE-2012-0604 : Apple\nCVE-2012-0605 : Apple\nCVE-2012-0606 : Apple\nCVE-2012-0607 : Apple\nCVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0611 : Martin Barbella using AddressSanitizer\nCVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer\nCVE-2012-0615 : Martin Barbella using AddressSanitizer\nCVE-2012-0616 : miaubiz\nCVE-2012-0617 : Martin Barbella using AddressSanitizer\nCVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0621 : Martin Barbella using AddressSanitizer\nCVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome\nSecurity Team\nCVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0624 : Martin Barbella using AddressSanitizer\nCVE-2012-0625 : Martin Barbella\nCVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2012-0627 : Apple\nCVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of\nGoogle Chrome Security Team using AddressSanitizer\nCVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0630 : Sergio Villar Senin of Igalia\nCVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-0633 : Apple\nCVE-2012-0635 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella using AddressSanitizer\n\n\nInstallation note:\n\nThis update is only available through iTunes, and will not appear\nin your computer\u0027s Software Update application, or in the Apple\nDownloads site. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"5.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq\n4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM\nbCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY\nRDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90\nHAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6\n7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=\n=qPeE\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201111-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, V8: Multiple vulnerabilities\n Date: November 01, 2011\n Bugs: #351525, #353626, #354121, #356933, #357963, #358581,\n #360399, #363629, #365125, #366335, #367013, #368649,\n #370481, #373451, #373469, #377475, #377629, #380311,\n #380897, #381713, #383251, #385649, #388461\n ID: 201111-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code and local root privilege\nescalation. \n\nBackground\n==========\n\nChromium is an open-source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 15.0.874.102 \u003e= 15.0.874.102 \n 2 dev-lang/v8 \u003c 3.5.10.22 \u003e= 3.5.10.22 \n -------------------------------------------------------------------\n 2 affected packages\n -------------------------------------------------------------------\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA local attacker could gain root privileges (CVE-2011-1444, fixed in\nchromium-11.0.696.57). \n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess, or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-15.0.874.102\"\n\nAll V8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.5.10.22\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-2345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345\n[ 2 ] CVE-2011-2346\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346\n[ 3 ] CVE-2011-2347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347\n[ 4 ] CVE-2011-2348\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348\n[ 5 ] CVE-2011-2349\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349\n[ 6 ] CVE-2011-2350\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350\n[ 7 ] CVE-2011-2351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351\n[ 8 ] CVE-2011-2834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834\n[ 9 ] CVE-2011-2835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835\n[ 10 ] CVE-2011-2837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837\n[ 11 ] CVE-2011-2838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838\n[ 12 ] CVE-2011-2839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839\n[ 13 ] CVE-2011-2840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840\n[ 14 ] CVE-2011-2841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841\n[ 15 ] CVE-2011-2843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843\n[ 16 ] CVE-2011-2844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844\n[ 17 ] CVE-2011-2845\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845\n[ 18 ] CVE-2011-2846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846\n[ 19 ] CVE-2011-2847\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847\n[ 20 ] CVE-2011-2848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848\n[ 21 ] CVE-2011-2849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849\n[ 22 ] CVE-2011-2850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850\n[ 23 ] CVE-2011-2851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851\n[ 24 ] CVE-2011-2852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852\n[ 25 ] CVE-2011-2853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853\n[ 26 ] CVE-2011-2854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854\n[ 27 ] CVE-2011-2855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855\n[ 28 ] CVE-2011-2856\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856\n[ 29 ] CVE-2011-2857\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857\n[ 30 ] CVE-2011-2858\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858\n[ 31 ] CVE-2011-2859\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859\n[ 32 ] CVE-2011-2860\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860\n[ 33 ] CVE-2011-2861\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861\n[ 34 ] CVE-2011-2862\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862\n[ 35 ] CVE-2011-2864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864\n[ 36 ] CVE-2011-2874\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874\n[ 37 ] CVE-2011-3234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234\n[ 38 ] CVE-2011-3873\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873\n[ 39 ] CVE-2011-3875\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875\n[ 40 ] CVE-2011-3876\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876\n[ 41 ] CVE-2011-3877\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877\n[ 42 ] CVE-2011-3878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878\n[ 43 ] CVE-2011-3879\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879\n[ 44 ] CVE-2011-3880\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880\n[ 45 ] CVE-2011-3881\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881\n[ 46 ] CVE-2011-3882\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882\n[ 47 ] CVE-2011-3883\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883\n[ 48 ] CVE-2011-3884\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884\n[ 49 ] CVE-2011-3885\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885\n[ 50 ] CVE-2011-3886\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886\n[ 51 ] CVE-2011-3887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887\n[ 52 ] CVE-2011-3888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888\n[ 53 ] CVE-2011-3889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889\n[ 54 ] CVE-2011-3890\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890\n[ 55 ] CVE-2011-3891\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891\n[ 56 ] Release Notes 10.0.648.127\n http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\n[ 57 ] Release Notes 10.0.648.133\n http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\n[ 58 ] Release Notes 10.0.648.205\n http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html\n[ 59 ] Release Notes 11.0.696.57\n http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html\n[ 60 ] Release Notes 11.0.696.65\n http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html\n[ 61 ] Release Notes 11.0.696.68\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html\n[ 62 ] Release Notes 11.0.696.71\n http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html\n[ 63 ] Release Notes 12.0.742.112\n http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html\n[ 64 ] Release Notes 12.0.742.91\n http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html\n[ 65 ] Release Notes 13.0.782.107\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html\n[ 66 ] Release Notes 13.0.782.215\n http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html\n[ 67 ] Release Notes 13.0.782.220\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html\n[ 68 ] Release Notes 14.0.835.163\n http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html\n[ 69 ] Release Notes 14.0.835.202\n http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html\n[ 70 ] Release Notes 15.0.874.102\n http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html\n[ 71 ] Release Notes 8.0.552.237\n http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html\n[ 72 ] Release Notes 9.0.597.107\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html\n[ 73 ] Release Notes 9.0.597.84\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html\n[ 74 ] Release Notes 9.0.597.94\n http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201111-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "BID", "id": "50360" }, { "db": "VULHUB", "id": "VHN-51826" }, { "db": "PACKETSTORM", "id": "110716" }, { "db": "PACKETSTORM", "id": "110650" }, { "db": "PACKETSTORM", "id": "110591" }, { "db": "PACKETSTORM", "id": "110779" }, { "db": "PACKETSTORM", "id": "106471" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-3881", "trust": 3.1 }, { "db": "SECUNIA", "id": "48377", "trust": 1.8 }, { "db": "SECUNIA", "id": "48288", "trust": 1.8 }, { "db": "SECTRACK", "id": "1026774", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-002672", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201110-608", "trust": 0.7 }, { "db": "BID", "id": "50360", "trust": 0.3 }, { "db": "VULHUB", "id": "VHN-51826", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110716", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110650", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110591", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "110779", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "106471", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51826" }, { "db": "BID", "id": "50360" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "PACKETSTORM", "id": "110716" }, { "db": "PACKETSTORM", "id": "110650" }, { "db": "PACKETSTORM", "id": "110591" }, { "db": "PACKETSTORM", "id": "110779" }, { "db": "PACKETSTORM", "id": "106471" }, { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "id": "VAR-201110-0472", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-51826" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:01:15.246000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT5192", "trust": 0.8, "url": "http://support.apple.com/kb/ht5192" }, { "title": "HT5190", "trust": 0.8, "url": "http://support.apple.com/kb/ht5190" }, { "title": "Google Chrome", "trust": 0.8, "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja" }, { "title": "chrome-stable-release", "trust": 0.8, "url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html" }, { "title": "googlechrome", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40913" }, { "title": "google-chrome-stable_current_x86_64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40917" }, { "title": "chrome_installer", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40912" }, { "title": "google-chrome-stable_current_i386", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40916" }, { "title": "google-chrome-stable_current_i386", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40915" }, { "title": "google-chrome-stable_current_amd64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=40914" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51826" }, { "db": "NVD", "id": "CVE-2011-3881" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00001.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/mar/msg00003.html" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=96047" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=96885" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=98053" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=99512" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=99750" }, { "trust": 1.7, "url": "https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef" }, { "trust": 1.7, "url": "http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html" }, { "trust": 1.7, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12940" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id?1026774" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48288" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48377" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70959" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3881" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu341747/" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu428075/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3881" }, { "trust": 0.3, "url": "http://www.google.com/chrome" }, { "trust": 0.3, "url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2753" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2847" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2855" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2854" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2846" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2867" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3888" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2872" }, { "trust": 0.2, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2877" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2871" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3887" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2869" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0585" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2860" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3885" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3928" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2873" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2870" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2868" }, { "trust": 0.2, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2857" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3897" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2825" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3908" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0586" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3881" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3909" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2833" }, { "trust": 0.2, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.2, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.2, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.2, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.2, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0584" }, { "trust": 0.1, "url": "http://www.apple.com/safari/download/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2866" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48288/#comments" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48288" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48288/" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht5192" }, { "trust": 0.1, "url": "https://www.apple.com/itunes/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3453" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0587" }, { "trust": 0.1, "url": "http://support.apple.com/kb/ht5190" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48377/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48377/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48377" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2849" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2841" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2351" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2847" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3875" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3890" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2350" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3884" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2848" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2853" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2835" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2837" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3879" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3888" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2859" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3881" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3889" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2351" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2844" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2843" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3876" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2844" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2345" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2837" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2853" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3877" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2349" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3880" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201111-01.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2347" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2841" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2835" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2349" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2861" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2862" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2852" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2838" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2839" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2849" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2346" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2858" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3891" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2855" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3887" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3878" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3873" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2840" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2854" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2850" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2838" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2834" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3883" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2851" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2840" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2857" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2851" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2856" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2346" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2347" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2846" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2348" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2850" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2852" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2856" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2874" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2348" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2864" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2350" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2345" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2860" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3234" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2845" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2848" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3886" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2839" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3882" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3885" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2843" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "VULHUB", "id": "VHN-51826" }, { "db": "BID", "id": "50360" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "PACKETSTORM", "id": "110716" }, { "db": "PACKETSTORM", "id": "110650" }, { "db": "PACKETSTORM", "id": "110591" }, { "db": "PACKETSTORM", "id": "110779" }, { "db": "PACKETSTORM", "id": "106471" }, { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-51826" }, { "db": "BID", "id": "50360" }, { "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "db": "PACKETSTORM", "id": "110716" }, { "db": "PACKETSTORM", "id": "110650" }, { "db": "PACKETSTORM", "id": "110591" }, { "db": "PACKETSTORM", "id": "110779" }, { "db": "PACKETSTORM", "id": "106471" }, { "db": "NVD", "id": "CVE-2011-3881" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-10-25T00:00:00", "db": "VULHUB", "id": "VHN-51826" }, { "date": "2011-10-25T00:00:00", "db": "BID", "id": "50360" }, { "date": "2011-11-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "date": "2012-03-13T00:58:40", "db": "PACKETSTORM", "id": "110716" }, { "date": "2012-03-11T05:32:13", "db": "PACKETSTORM", "id": "110650" }, { "date": "2012-03-08T22:23:23", "db": "PACKETSTORM", "id": "110591" }, { "date": "2012-03-14T05:16:27", "db": "PACKETSTORM", "id": "110779" }, { "date": "2011-11-01T15:58:39", "db": "PACKETSTORM", "id": "106471" }, { "date": "2011-10-25T19:55:01.540000", "db": "NVD", "id": "CVE-2011-3881" }, { "date": "2011-10-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-11T00:00:00", "db": "VULHUB", "id": "VHN-51826" }, { "date": "2012-09-20T00:00:00", "db": "BID", "id": "50360" }, { "date": "2012-03-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002672" }, { "date": "2023-11-07T02:08:44.470000", "db": "NVD", "id": "CVE-2011-3881" }, { "date": "2020-05-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-608" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201110-608" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Used in multiple products Webkit Vulnerabilities that bypass the same origin policy", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002672" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "xss", "sources": [ { "db": "PACKETSTORM", "id": "110650" }, { "db": "CNNVD", "id": "CNNVD-201110-608" } ], "trust": 0.7 } }
var-201508-0057
Vulnerability from variot
Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553. This vulnerability CVE-2015-5544 , CVE-2015-5545 , CVE-2015-5546 , CVE-2015-5547 , CVE-2015-5548 , CVE-2015-5549 ,and CVE-2015-5553 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Adobe Flash Player Desktop Runtime 18.0.0.209 and earlier versions and Adobe Flash Player Extended Support Release 13.0.0.309 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player for Windows, Macintosh and Linux platforms Google Chrome 18.0.0.209 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 18.0.0.209 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 18.0.0.209 on Windows 8.0 and 8.1 and previous versions, Adobe Flash Player for Linux 11.2.202.491 and previous versions based on Linux platforms, AIR Desktop Runtime 18.0.0.180 and previous versions based on Windows and Macintosh platforms, and AIR SDK 18.0 based on Windows, Macintosh, Android and iOS platforms. 0.180 and earlier and AIR SDK & Compiler 18.0.0.180 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:1603-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1603.html Issue date: 2015-08-12 CVE Names: CVE-2015-5127 CVE-2015-5128 CVE-2015-5129 CVE-2015-5130 CVE-2015-5131 CVE-2015-5132 CVE-2015-5133 CVE-2015-5134 CVE-2015-5539 CVE-2015-5540 CVE-2015-5541 CVE-2015-5544 CVE-2015-5545 CVE-2015-5546 CVE-2015-5547 CVE-2015-5548 CVE-2015-5549 CVE-2015-5550 CVE-2015-5551 CVE-2015-5552 CVE-2015-5553 CVE-2015-5554 CVE-2015-5555 CVE-2015-5556 CVE-2015-5557 CVE-2015-5558 CVE-2015-5559 CVE-2015-5560 CVE-2015-5561 CVE-2015-5562 CVE-2015-5563 CVE-2015-5564 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-19 listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1252697 - flash-plugin: multiple code execution flaws (APSB15-19)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.508-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.508-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.508-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.508-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.508-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-5127 https://access.redhat.com/security/cve/CVE-2015-5128 https://access.redhat.com/security/cve/CVE-2015-5129 https://access.redhat.com/security/cve/CVE-2015-5130 https://access.redhat.com/security/cve/CVE-2015-5131 https://access.redhat.com/security/cve/CVE-2015-5132 https://access.redhat.com/security/cve/CVE-2015-5133 https://access.redhat.com/security/cve/CVE-2015-5134 https://access.redhat.com/security/cve/CVE-2015-5539 https://access.redhat.com/security/cve/CVE-2015-5540 https://access.redhat.com/security/cve/CVE-2015-5541 https://access.redhat.com/security/cve/CVE-2015-5544 https://access.redhat.com/security/cve/CVE-2015-5545 https://access.redhat.com/security/cve/CVE-2015-5546 https://access.redhat.com/security/cve/CVE-2015-5547 https://access.redhat.com/security/cve/CVE-2015-5548 https://access.redhat.com/security/cve/CVE-2015-5549 https://access.redhat.com/security/cve/CVE-2015-5550 https://access.redhat.com/security/cve/CVE-2015-5551 https://access.redhat.com/security/cve/CVE-2015-5552 https://access.redhat.com/security/cve/CVE-2015-5553 https://access.redhat.com/security/cve/CVE-2015-5554 https://access.redhat.com/security/cve/CVE-2015-5555 https://access.redhat.com/security/cve/CVE-2015-5556 https://access.redhat.com/security/cve/CVE-2015-5557 https://access.redhat.com/security/cve/CVE-2015-5558 https://access.redhat.com/security/cve/CVE-2015-5559 https://access.redhat.com/security/cve/CVE-2015-5560 https://access.redhat.com/security/cve/CVE-2015-5561 https://access.redhat.com/security/cve/CVE-2015-5562 https://access.redhat.com/security/cve/CVE-2015-5563 https://access.redhat.com/security/cve/CVE-2015-5564 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVy2mAXlSAg2UNWIIRAty7AKCcTl+pzRlPMcYb+ESu7xg0C9nkVwCfbcNj SwY72oO+5brzzyYR9NLDDnE= =izmD -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.508"
References
[ 1 ] CVE-2015-3107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107 [ 2 ] CVE-2015-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122 [ 3 ] CVE-2015-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123 [ 4 ] CVE-2015-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124 [ 5 ] CVE-2015-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125 [ 6 ] CVE-2015-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127 [ 7 ] CVE-2015-5129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129 [ 8 ] CVE-2015-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130 [ 9 ] CVE-2015-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131 [ 10 ] CVE-2015-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132 [ 11 ] CVE-2015-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133 [ 12 ] CVE-2015-5134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134 [ 13 ] CVE-2015-5539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539 [ 14 ] CVE-2015-5540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540 [ 15 ] CVE-2015-5541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541 [ 16 ] CVE-2015-5544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544 [ 17 ] CVE-2015-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545 [ 18 ] CVE-2015-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546 [ 19 ] CVE-2015-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547 [ 20 ] CVE-2015-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548 [ 21 ] CVE-2015-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549 [ 22 ] CVE-2015-5550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550 [ 23 ] CVE-2015-5551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551 [ 24 ] CVE-2015-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552 [ 25 ] CVE-2015-5553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553 [ 26 ] CVE-2015-5554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554 [ 27 ] CVE-2015-5555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555 [ 28 ] CVE-2015-5556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556 [ 29 ] CVE-2015-5557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557 [ 30 ] CVE-2015-5558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558 [ 31 ] CVE-2015-5559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559 [ 32 ] CVE-2015-5560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560 [ 33 ] CVE-2015-5561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561 [ 34 ] CVE-2015-5562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562 [ 35 ] CVE-2015-5563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563 [ 36 ] CVE-2015-5564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564 [ 37 ] CVE-2015-5965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201508-01
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c05385680 Version: 1
HPSBMU03692 rev.1 - HPE Matrix Operating Environment, Multiple Remote Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2017-02-03 Last Updated: 2017-02-03
Potential Security Impact: Remote: Bypass Security Restrictions, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), Denial of Service (DoS), Disclosure of Information, Execution of Arbitrary Code
Source: Hewlett Packard Enterprise, Product Security Response Team
VULNERABILITY SUMMARY Multiple potential security vulnerabilities have been identified in HPE Matrix Operating Enviroment (MOE) on Windows. The vulnerabilities could be exploited remotely resulting in the Bypass of Security Restrictions, cross-site request forgery (CSRF), cross-site scripting (XSS), Denial of Service (DoS), Disclosure of Information, and Execution of Arbitrary Code.
References:
- CVE-2016-8531 - Information Disclosure - VSE
- CVE-2016-8532 - XSS - VCEM
- CVE-2016-8533 - Priviledge Escalation - VCEM
- CVE-2016-8534 - Privilege Elevation - VSE
- CVE-2016-8535 - Http Parameter Pollution - VCEM
- CVE-2017-5780 - Clickjacking - MRM
- CVE-2017-5781 - CSRF - VSE
- CVE-2017-5782 - HSTS Header Missing - IO
- CVE-2017-5783 - Clickjacking - SPM
- CVE-2017-5784 - HSTS Header Missing - SPM
- CVE-2017-5785 - Information Disclosure - SPM
- CVE-2015-5127 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5129 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5130 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5131 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5132 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5133 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5134 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5539 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5540 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5541 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5544 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5545 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5546 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5547 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5548 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5549 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5550 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5551 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5552 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5553 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5555 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5556 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5557 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5558 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5559 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5560 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5561 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5562 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5563 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5564 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5565 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5566 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5575 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5576 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5580 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5574 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5588 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5570 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5572 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-6678 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5571 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5582 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5584 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5587 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5579 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5568 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-6679 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-6682 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-6677 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5573 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5578 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5577 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-6676 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5581 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8415 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8416 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8417 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8418 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8419 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8420 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8421 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8422 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8423 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8424 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8425 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8426 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8427 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8428 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8429 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8430 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8431 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8432 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8433 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8434 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8435 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8436 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8437 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8438 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8439 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8440 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8441 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8442 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8443 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8444 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8445 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8446 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8447 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8448 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8449 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8450 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8451 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8452 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8453 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8454 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8455 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8456 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8457 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8044 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8459 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8460 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8634 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8635 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8636 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8638 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8639 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8640 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8641 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8642 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8643 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8644 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8645 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8646 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8647 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8648 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8649 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8650 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-8651 - Adobe Flash - unauthorized disclosure of information
- CVE-2016-2183 - Sweet32, DES, 3DES
- CVE-2016-0777 - OpenSSH, unauthorized disclosure of information
- CVE-2016-0778 - OpenSSH, unauthorized disclosure of information
- CVE-2016-1907 - OpenSSH, unauthorized disclosure of information
- CVE-2009-5028 - Namazu, unauthorized disclosure of information
- CVE-2011-4345 - Namazu, unauthorized disclosure of information
- CVE-2015-5254 - Apache ActiveMQ unauthorized disclosure of information
- CVE-2016-4366 - HPE SIM, unauthorized disclosure of information
- CVE-2015-5554 - Adobe Flash - unauthorized disclosure of information
- CVE-2015-5567 - Adobe Flash - unauthorized disclosure of information
- CVE-2016-8517 - HPE SIM, Cross-site Scripting (XSS)
- CVE-2016-8516 - HPE SIM, Denial of Service
- CVE-2016-8518 - HPE SIM, Denial of Service
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- HP Matrix Operating Environment Software 7.6
- HP Systems Insight Manager (HP SIM), Software 7.6
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2009-5028
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2011-4345
3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVE-2015-5127
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5129
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5130
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5131
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5132
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5133
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5134
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5254
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2015-5539
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5540
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5541
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5544
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5545
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5546
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5547
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5548
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5549
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5550
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5551
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5552
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5553
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5554
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5555
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5556
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5557
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5558
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5559
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5560
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5561
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5562
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5563
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5564
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5565
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5566
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5567
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5568
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5570
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5571
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2015-5572
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-2015-5573
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5574
7.2 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5575
7.2 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5576
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-2015-5577
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5578
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5579
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5580
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5581
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5582
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5584
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5587
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-5588
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-6676
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-6677
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-6678
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-6679
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-2015-6682
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8044
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8415
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8416
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8417
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8418
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8419
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8420
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8421
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8422
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8423
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8424
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8425
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8426
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8427
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8428
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8429
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8430
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8431
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8432
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8433
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8434
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8435
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8436
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8437
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8438
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8439
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8440
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8441
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8442
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8443
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8444
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8445
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8446
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8447
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8448
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8449
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8450
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8451
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8452
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8453
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2015-8454
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8455
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8456
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8457
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8459
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVE-2015-8460
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8634
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8635
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8636
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8638
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8639
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8640
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8641
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8642
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8643
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8644
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8645
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8646
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8647
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8648
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8649
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8650
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2015-8651
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVE-2016-0777
3.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CVE-2016-0778
5.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
CVE-2016-1907
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVE-2016-2183
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE-2016-4366
7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2016-8516
3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVE-2016-8517
6.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
7.9 (AV:N/AC:M/Au:S/C:C/I:C/A:N)
CVE-2016-8518
7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)
CVE-2016-8531
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVE-2016-8532
6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
7.0 (AV:N/AC:M/Au:S/C:P/I:C/A:N)
CVE-2016-8533
5.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)
CVE-2016-8534
3.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CVE-2016-8535
4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CVE-2017-5780
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVE-2017-5781
3.9 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.0 (AV:L/AC:M/Au:S/C:P/I:C/A:N)
CVE-2017-5782
5.6 CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVE-2017-5783
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVE-2017-5784
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVE-2017-5785
6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499
RESOLUTION
HPE has provided the following software updates to resolve the vulnerabilities in the HPE Matrix Operating Environment (MOE). The update kit applicable to the HPE Matrix Operating Environment (MOE) 7.6 is available at the following location:
* https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=HPID
HPE has addressed these vulnerabilities for the impacted software components bundled with HPE Matrix Operating Environment in the following HPE Security Bulletins:
HPE Systems Insight Manager (SIM)
HPE Security Bulletin: HPSBMU03668
* https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388
HISTORY Version:1 (rev.1) - 3 February 2017 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.
Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com
Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX
Copyright 2016 Hewlett Packard Enterprise
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201508-0057", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.209" }, { "model": "air sdk \\\u0026 compiler", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.491" }, { "model": "air sdk", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "air", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "chrome", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 18.0.0.199 (windows/macintosh)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.199 (windows/macintosh/android/ios)" }, { "model": "air sdk \u0026 compiler", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.199 (windows/macintosh/android/ios)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.508 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.232 (internet explorer 10/11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.232 (microsoft edge)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.232 (windows/macintosh edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "18.0.0.233 (linux/chrome os edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 18.0.0.232 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.232 (windows/macintosh)" }, { "model": "edge", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "(windows 10)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "10 (windows 8/windows server 2012/windows rt)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)" }, { "model": "air", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "air sdk \\\u0026 compiler", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.209" }, { "model": "air sdk", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.180" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "11.2.202.491" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3218" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.2460" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.152.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.151.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.124.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.48.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.47.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.45.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.31.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.289.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.283.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.280" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.28.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.277.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.260.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.246.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.159.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.155.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.115.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.35.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.34.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.73.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.70.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.69.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.68.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.67.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.66.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.61.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.60.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.53.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.24.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.19.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.14.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.79" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.4" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.3" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9130" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9120" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.2" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2080" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2070" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.1.0.4880" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1.1961" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19140" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19120" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.5.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2.12610" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.01" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.0" } ], "sources": [ { "db": "BID", "id": "76283" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.491", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.209", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.180", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.180", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.180", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2015-5552" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Chris Evans, Ben Hawkes and Mateusz Jurczyk of Google Project Zero, Yuki Chen of Qihoo 360 Vulcan Team", "sources": [ { "db": "BID", "id": "76283" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ], "trust": 0.9 }, "cve": "CVE-2015-5552", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": true, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2015-5552", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-83513", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2015-5552", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201508-189", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-83513", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2015-5552", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-83513" }, { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK \u0026 Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553. This vulnerability CVE-2015-5544 , CVE-2015-5545 , CVE-2015-5546 , CVE-2015-5547 , CVE-2015-5548 , CVE-2015-5549 ,and CVE-2015-5553 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. The following products and versions are affected: Adobe Flash Player Desktop Runtime 18.0.0.209 and earlier versions and Adobe Flash Player Extended Support Release 13.0.0.309 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player for Windows, Macintosh and Linux platforms Google Chrome 18.0.0.209 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 18.0.0.209 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 18.0.0.209 on Windows 8.0 and 8.1 and previous versions, Adobe Flash Player for Linux 11.2.202.491 and previous versions based on Linux platforms, AIR Desktop Runtime 18.0.0.180 and previous versions based on Windows and Macintosh platforms, and AIR SDK 18.0 based on Windows, Macintosh, Android and iOS platforms. 0.180 and earlier and AIR SDK \u0026 Compiler 18.0.0.180 and earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2015:1603-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1603.html\nIssue date: 2015-08-12\nCVE Names: CVE-2015-5127 CVE-2015-5128 CVE-2015-5129 \n CVE-2015-5130 CVE-2015-5131 CVE-2015-5132 \n CVE-2015-5133 CVE-2015-5134 CVE-2015-5539 \n CVE-2015-5540 CVE-2015-5541 CVE-2015-5544 \n CVE-2015-5545 CVE-2015-5546 CVE-2015-5547 \n CVE-2015-5548 CVE-2015-5549 CVE-2015-5550 \n CVE-2015-5551 CVE-2015-5552 CVE-2015-5553 \n CVE-2015-5554 CVE-2015-5555 CVE-2015-5556 \n CVE-2015-5557 CVE-2015-5558 CVE-2015-5559 \n CVE-2015-5560 CVE-2015-5561 CVE-2015-5562 \n CVE-2015-5563 CVE-2015-5564 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-19\nlisted in the References section. \n\nMultiple flaws were found in the way flash-plugin displayed certain SWF\ncontent. An attacker could use these flaws to create a specially crafted\nSWF file that would cause flash-plugin to crash or, potentially, execute\narbitrary code when the victim loaded a page containing the malicious SWF\ncontent. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1252697 - flash-plugin: multiple code execution flaws (APSB15-19)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.508-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.508-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.508-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.508-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.508-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-5127\nhttps://access.redhat.com/security/cve/CVE-2015-5128\nhttps://access.redhat.com/security/cve/CVE-2015-5129\nhttps://access.redhat.com/security/cve/CVE-2015-5130\nhttps://access.redhat.com/security/cve/CVE-2015-5131\nhttps://access.redhat.com/security/cve/CVE-2015-5132\nhttps://access.redhat.com/security/cve/CVE-2015-5133\nhttps://access.redhat.com/security/cve/CVE-2015-5134\nhttps://access.redhat.com/security/cve/CVE-2015-5539\nhttps://access.redhat.com/security/cve/CVE-2015-5540\nhttps://access.redhat.com/security/cve/CVE-2015-5541\nhttps://access.redhat.com/security/cve/CVE-2015-5544\nhttps://access.redhat.com/security/cve/CVE-2015-5545\nhttps://access.redhat.com/security/cve/CVE-2015-5546\nhttps://access.redhat.com/security/cve/CVE-2015-5547\nhttps://access.redhat.com/security/cve/CVE-2015-5548\nhttps://access.redhat.com/security/cve/CVE-2015-5549\nhttps://access.redhat.com/security/cve/CVE-2015-5550\nhttps://access.redhat.com/security/cve/CVE-2015-5551\nhttps://access.redhat.com/security/cve/CVE-2015-5552\nhttps://access.redhat.com/security/cve/CVE-2015-5553\nhttps://access.redhat.com/security/cve/CVE-2015-5554\nhttps://access.redhat.com/security/cve/CVE-2015-5555\nhttps://access.redhat.com/security/cve/CVE-2015-5556\nhttps://access.redhat.com/security/cve/CVE-2015-5557\nhttps://access.redhat.com/security/cve/CVE-2015-5558\nhttps://access.redhat.com/security/cve/CVE-2015-5559\nhttps://access.redhat.com/security/cve/CVE-2015-5560\nhttps://access.redhat.com/security/cve/CVE-2015-5561\nhttps://access.redhat.com/security/cve/CVE-2015-5562\nhttps://access.redhat.com/security/cve/CVE-2015-5563\nhttps://access.redhat.com/security/cve/CVE-2015-5564\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-19.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVy2mAXlSAg2UNWIIRAty7AKCcTl+pzRlPMcYb+ESu7xg0C9nkVwCfbcNj\nSwY72oO+5brzzyYR9NLDDnE=\n=izmD\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.508\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-3107\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107\n[ 2 ] CVE-2015-5122\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122\n[ 3 ] CVE-2015-5123\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123\n[ 4 ] CVE-2015-5124\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124\n[ 5 ] CVE-2015-5125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125\n[ 6 ] CVE-2015-5127\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127\n[ 7 ] CVE-2015-5129\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129\n[ 8 ] CVE-2015-5130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130\n[ 9 ] CVE-2015-5131\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131\n[ 10 ] CVE-2015-5132\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132\n[ 11 ] CVE-2015-5133\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133\n[ 12 ] CVE-2015-5134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134\n[ 13 ] CVE-2015-5539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539\n[ 14 ] CVE-2015-5540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540\n[ 15 ] CVE-2015-5541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541\n[ 16 ] CVE-2015-5544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544\n[ 17 ] CVE-2015-5545\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545\n[ 18 ] CVE-2015-5546\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546\n[ 19 ] CVE-2015-5547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547\n[ 20 ] CVE-2015-5548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548\n[ 21 ] CVE-2015-5549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549\n[ 22 ] CVE-2015-5550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550\n[ 23 ] CVE-2015-5551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551\n[ 24 ] CVE-2015-5552\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552\n[ 25 ] CVE-2015-5553\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553\n[ 26 ] CVE-2015-5554\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554\n[ 27 ] CVE-2015-5555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555\n[ 28 ] CVE-2015-5556\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556\n[ 29 ] CVE-2015-5557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557\n[ 30 ] CVE-2015-5558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558\n[ 31 ] CVE-2015-5559\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559\n[ 32 ] CVE-2015-5560\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560\n[ 33 ] CVE-2015-5561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561\n[ 34 ] CVE-2015-5562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562\n[ 35 ] CVE-2015-5563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563\n[ 36 ] CVE-2015-5564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564\n[ 37 ] CVE-2015-5965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201508-01\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05385680\nVersion: 1\n\nHPSBMU03692 rev.1 - HPE Matrix Operating Environment, Multiple Remote\nVulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-02-03\nLast Updated: 2017-02-03\n\nPotential Security Impact: Remote: Bypass Security Restrictions, Cross-Site\nRequest Forgery (CSRF), Cross-Site Scripting (XSS), Denial of Service (DoS),\nDisclosure of Information, Execution of Arbitrary Code\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nMultiple potential security vulnerabilities have been identified in HPE\nMatrix Operating Enviroment (MOE) on Windows. The vulnerabilities could be\nexploited remotely resulting in the Bypass of Security Restrictions,\ncross-site request forgery (CSRF), cross-site scripting (XSS), Denial of\nService (DoS), Disclosure of Information, and Execution of Arbitrary Code. \n\nReferences:\n\n - CVE-2016-8531 - Information Disclosure - VSE\n - CVE-2016-8532 - XSS - VCEM\n - CVE-2016-8533 - Priviledge Escalation - VCEM\n - CVE-2016-8534 - Privilege Elevation - VSE\n - CVE-2016-8535 - Http Parameter Pollution - VCEM\n - CVE-2017-5780 - Clickjacking - MRM\n - CVE-2017-5781 - CSRF - VSE\n - CVE-2017-5782 - HSTS Header Missing - IO\n - CVE-2017-5783 - Clickjacking - SPM\n - CVE-2017-5784 - HSTS Header Missing - SPM\n - CVE-2017-5785 - Information Disclosure - SPM\n - CVE-2015-5127 - Adobe Flash - unauthorized disclosure of information \n - CVE-2015-5129 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5130 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5131 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5132 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5133 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5134 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5539 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5540 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5541 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5544 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5545 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5546 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5547 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5548 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5549 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5550 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5551 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5552 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5553 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5555 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5556 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5557 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5558 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5559 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5560 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5561 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5562 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5563 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5564 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5565 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5566 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5575 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5576 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5580 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5574 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5588 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5570 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5572 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-6678 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5571 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5582 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5584 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5587 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5579 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5568 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-6679 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-6682 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-6677 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5573 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5578 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5577 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-6676 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5581 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8415 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8416 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8417 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8418 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8419 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8420 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8421 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8422 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8423 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8424 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8425 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8426 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8427 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8428 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8429 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8430 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8431 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8432 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8433 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8434 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8435 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8436 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8437 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8438 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8439 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8440 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8441 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8442 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8443 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8444 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8445 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8446 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8447 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8448 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8449 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8450 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8451 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8452 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8453 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8454 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8455 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8456 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8457 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8044 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8459 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8460 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8634 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8635 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8636 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8638 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8639 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8640 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8641 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8642 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8643 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8644 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8645 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8646 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8647 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8648 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8649 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8650 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-8651 - Adobe Flash - unauthorized disclosure of information\n - CVE-2016-2183 - Sweet32, DES, 3DES\n - CVE-2016-0777 - OpenSSH, unauthorized disclosure of information\n - CVE-2016-0778 - OpenSSH, unauthorized disclosure of information\n - CVE-2016-1907 - OpenSSH, unauthorized disclosure of information\n - CVE-2009-5028 - Namazu, unauthorized disclosure of information\n - CVE-2011-4345 - Namazu, unauthorized disclosure of information\n - CVE-2015-5254 - Apache ActiveMQ unauthorized disclosure of information\n - CVE-2016-4366 - HPE SIM, unauthorized disclosure of information\n - CVE-2015-5554 - Adobe Flash - unauthorized disclosure of information\n - CVE-2015-5567 - Adobe Flash - unauthorized disclosure of information\n - CVE-2016-8517 - HPE SIM, Cross-site Scripting (XSS)\n - CVE-2016-8516 - HPE SIM, Denial of Service\n - CVE-2016-8518 - HPE SIM, Denial of Service\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n - HP Matrix Operating Environment Software 7.6\n - HP Systems Insight Manager (HP SIM), Software 7.6\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2009-5028\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2011-4345\n 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\n 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)\n\n CVE-2015-5127\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5129\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5130\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5131\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5132\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5133\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5134\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5254\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2015-5539\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5540\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5541\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5544\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5545\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5546\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5547\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5548\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5549\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5550\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5551\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5552\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5553\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5554\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5555\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5556\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5557\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5558\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5559\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5560\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5561\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5562\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5563\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5564\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5565\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5566\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5567\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5568\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5570\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5571\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2015-5572\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n CVE-2015-5573\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5574\n 7.2 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5575\n 7.2 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5576\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n CVE-2015-5577\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5578\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5579\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5580\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5581\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5582\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5584\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5587\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-5588\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-6676\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-6677\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-6678\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-6679\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n CVE-2015-6682\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8044\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8415\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8416\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8417\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8418\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8419\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8420\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8421\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8422\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8423\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8424\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8425\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8426\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8427\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8428\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8429\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8430\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8431\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8432\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8433\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8434\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8435\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8436\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8437\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8438\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8439\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8440\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8441\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8442\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8443\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8444\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8445\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8446\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8447\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8448\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8449\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8450\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8451\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8452\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8453\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2015-8454\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8455\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8456\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8457\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8459\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8460\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8634\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8635\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8636\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8638\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8639\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8640\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8641\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8642\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8643\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8644\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8645\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8646\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8647\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8648\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8649\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8650\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2015-8651\n 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\n\n CVE-2016-0777\n 3.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N\n 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)\n\n CVE-2016-0778\n 5.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L\n 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)\n\n CVE-2016-1907\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\n 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n CVE-2016-2183\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n CVE-2016-4366\n 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\n 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n CVE-2016-8516\n 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L\n 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)\n\n CVE-2016-8517\n 6.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\n 7.9 (AV:N/AC:M/Au:S/C:C/I:C/A:N)\n\n CVE-2016-8518\n 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N)\n\n CVE-2016-8531\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\n 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)\n\n CVE-2016-8532\n 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N\n 7.0 (AV:N/AC:M/Au:S/C:P/I:C/A:N)\n\n CVE-2016-8533\n 5.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N\n 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)\n\n CVE-2016-8534\n 3.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N\n 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)\n\n CVE-2016-8535\n 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\n 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)\n\n CVE-2017-5780\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\n 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n CVE-2017-5781\n 3.9 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N\n 5.0 (AV:L/AC:M/Au:S/C:P/I:C/A:N)\n\n CVE-2017-5782\n 5.6 CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H\n 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)\n\n CVE-2017-5783\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n CVE-2017-5784\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\n 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)\n\n CVE-2017-5785\n 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\n 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software updates to resolve the\nvulnerabilities in the HPE Matrix Operating Environment (MOE). The update kit\napplicable to the HPE Matrix Operating Environment (MOE) 7.6 is available at\nthe following location:\n\n *\n\u003chttps://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb\nr=HPID\u003e\n\nHPE has addressed these vulnerabilities for the impacted software components\nbundled with HPE Matrix Operating Environment in the following HPE Security\nBulletins:\n\n**HPE Systems Insight Manager (SIM)**\n\nHPE Security Bulletin: HPSBMU03668\n\n *\n\u003chttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388\u003e\n\nHISTORY\nVersion:1 (rev.1) - 3 February 2017 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n Web form: https://www.hpe.com/info/report-security-vulnerability\n Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners", "sources": [ { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "BID", "id": "76283" }, { "db": "VULHUB", "id": "VHN-83513" }, { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "PACKETSTORM", "id": "133037" }, { "db": "PACKETSTORM", "id": "141092" }, { "db": "PACKETSTORM", "id": "133099" }, { "db": "PACKETSTORM", "id": "141028" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-5552", "trust": 3.3 }, { "db": "BID", "id": "76283", "trust": 2.1 }, { "db": "SECTRACK", "id": "1033235", "trust": 1.2 }, { "db": "JVNDB", "id": "JVNDB-2015-004092", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201508-189", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-83513", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2015-5552", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133037", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141092", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "133099", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "141028", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-83513" }, { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "BID", "id": "76283" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "PACKETSTORM", "id": "133037" }, { "db": "PACKETSTORM", "id": "141092" }, { "db": "PACKETSTORM", "id": "133099" }, { "db": "PACKETSTORM", "id": "141028" }, { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "id": "VAR-201508-0057", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-83513" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:38:50.226000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB15-19", "trust": 0.8, "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html" }, { "title": "APSB15-19", "trust": 0.8, "url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb15-19.html" }, { "title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b", "trust": 0.8, "url": "https://support.google.com/chrome/answer/95414?hl=ja" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Chrome Releases", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/" }, { "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/2755801" }, { "title": "Internet Explorer \u304a\u3088\u3073 Microsoft Edge \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/2755801" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20150813f.html" }, { "title": "flashplayer_11.2.202.508_sa_debug.i386", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57144" }, { "title": "flashplayer_18.0.0.232_sa_debug", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57143" }, { "title": "flashplayer_18.0.0.232_sa_debug", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57142" }, { "title": "AdobeAIR-18.0.0.199 Installer", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57145" }, { "title": "AIRSDKCompiler-18.0.0.199", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=57148" }, { "title": "Red Hat: CVE-2015-5552", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-5552" }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " } ], "sources": [ { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-83513" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "NVD", "id": "CVE-2015-5552" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.securityfocus.com/bid/76283" }, { "trust": 1.9, "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html" }, { "trust": 1.3, "url": "https://security.gentoo.org/glsa/201508-01" }, { "trust": 1.3, "url": "http://rhn.redhat.com/errata/rhsa-2015-1603.html" }, { "trust": 1.2, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05356388" }, { "trust": 1.2, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05385680" }, { "trust": 1.2, "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1033235" }, { "trust": 1.2, "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5552" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20150812-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2015/at150029.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5552" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=16704" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5540" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5134" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5550" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5553" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5132" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5556" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5554" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5545" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5131" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5129" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5539" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5555" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5133" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5546" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5551" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5544" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5127" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5552" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5547" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5548" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5549" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5130" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5541" }, { "trust": 0.3, "url": "http://www.adobe.com/products/air/" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2015-5552" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5557" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5558" }, { "trust": 0.2, "url": "http://www.hpe.com/support/security_bulletin_archive" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4345" }, { "trust": 0.2, "url": "http://www.hpe.com/support/subscriber_choice" }, { "trust": 0.2, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05356388\u003e" }, { "trust": 0.2, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499" }, { "trust": 0.2, "url": "https://www.hpe.com/info/report-security-vulnerability" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-5028" }, { "trust": 0.2, "url": "https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumb" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5125" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40408" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5560" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5559" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5551" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5545" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5549" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5544" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5133" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5539" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5540" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5556" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5554" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5541" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5127" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5130" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5546" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5132" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5550" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5134" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5129" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5563" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5547" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5128" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5562" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5131" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5558" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5555" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5128" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5564" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5553" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5557" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5560" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5548" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5559" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-5561" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05356363\u003e" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149\u003e" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0050" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4877" }, { "trust": 0.1, "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05376917\u003e" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05390722" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5551" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5134" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5557" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5560" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5561" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5548" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5130" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5131" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5123" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5123" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5550" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5129" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3107" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5564" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5552" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5554" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5133" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5124" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5544" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5547" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3107" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5122" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5125" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5122" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5553" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5562" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5132" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5541" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5556" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5127" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5539" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5540" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5558" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5124" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5545" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5546" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5559" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5555" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5965" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5549" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5254" }, { "trust": 0.1, "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05385680" } ], "sources": [ { "db": "VULHUB", "id": "VHN-83513" }, { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "BID", "id": "76283" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "PACKETSTORM", "id": "133037" }, { "db": "PACKETSTORM", "id": "141092" }, { "db": "PACKETSTORM", "id": "133099" }, { "db": "PACKETSTORM", "id": "141028" }, { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-83513" }, { "db": "VULMON", "id": "CVE-2015-5552" }, { "db": "BID", "id": "76283" }, { "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "db": "PACKETSTORM", "id": "133037" }, { "db": "PACKETSTORM", "id": "141092" }, { "db": "PACKETSTORM", "id": "133099" }, { "db": "PACKETSTORM", "id": "141028" }, { "db": "NVD", "id": "CVE-2015-5552" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-08-14T00:00:00", "db": "VULHUB", "id": "VHN-83513" }, { "date": "2015-08-14T00:00:00", "db": "VULMON", "id": "CVE-2015-5552" }, { "date": "2015-08-11T00:00:00", "db": "BID", "id": "76283" }, { "date": "2015-08-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "date": "2015-08-12T19:41:51", "db": "PACKETSTORM", "id": "133037" }, { "date": "2017-02-15T00:39:05", "db": "PACKETSTORM", "id": "141092" }, { "date": "2015-08-17T15:41:19", "db": "PACKETSTORM", "id": "133099" }, { "date": "2017-02-13T16:38:41", "db": "PACKETSTORM", "id": "141028" }, { "date": "2015-08-14T01:59:37.887000", "db": "NVD", "id": "CVE-2015-5552" }, { "date": "2015-08-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-05T00:00:00", "db": "VULHUB", "id": "VHN-83513" }, { "date": "2018-01-05T00:00:00", "db": "VULMON", "id": "CVE-2015-5552" }, { "date": "2015-11-03T18:40:00", "db": "BID", "id": "76283" }, { "date": "2015-08-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-004092" }, { "date": "2018-01-05T02:30:15.070000", "db": "NVD", "id": "CVE-2015-5552" }, { "date": "2015-08-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201508-189" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "141092" }, { "db": "PACKETSTORM", "id": "133099" }, { "db": "CNNVD", "id": "CNNVD-201508-189" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-004092" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201508-189" } ], "trust": 0.6 } }
var-201205-0256
Vulnerability from variot
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. Google Chrome Is incomplete in the processing related to element floating, (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected. This vulnerability CVE-2011-3078 Is a different vulnerability.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Attackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions, other attacks may also be possible. Versions prior to Chrome 18.0.1025.168 are vulnerable. Google Chrome is a web browser developed by Google (Google). ============================================================================ Ubuntu Security Notice USN-1617-1 October 25, 2012
webkit vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Multiple security vulnerabilities were fixed in WebKit.
Software Description: - webkit: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKit browser and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libjavascriptcoregtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libjavascriptcoregtk-3.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-3.0-0 1.8.3-0ubuntu0.12.04.1
After a standard system update you need to restart your session to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1617-1 CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076, CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521, CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611, CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652, CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339
Package Information: https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1 . ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Google Chrome Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA48992
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48992/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48992
RELEASE DATE: 2012-05-01
DISCUSS ADVISORY: http://secunia.com/advisories/48992/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48992/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48992
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to compromise a user's system.
1) A use-after-free error exists in floats handling.
2) A use-after-free error exists within the xml parser.
3) An error exists within the IPC validation.
4) A race condition exists within the sandbox IPC.
5) A second use-after-free error exists in floats handling.
SOLUTION: Update to version 18.0.1025.168.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Marty Barbella, Google Chrome Security Team and miaubiz 2) SkyLined, Google Chrome Security Team and wushi, team509 via iDefense 3) PinkiePie 4) Willem Pinckaers, Matasano. 5) miaubiz
ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201205-01
http://security.gentoo.org/
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: May 15, 2012 Bugs: #414199 ID: 201205-01
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 18.0.1025.168 >= 18.0.1025.168
Description
Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-18.0.1025.168"
References
[ 1 ] CVE-2011-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3078 [ 2 ] CVE-2011-3081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3081 [ 3 ] CVE-2012-1521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1521 [ 4 ] Release Notes 18.0.1025.168
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30= .html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201205-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0256", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "chrome", "scope": "lt", "trust": 1.8, "vendor": "google", "version": "18.0.1025.168" }, { "model": "itunes", "scope": "lt", "trust": 1.8, "vendor": "apple", "version": "10.7" }, { "model": "safari", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "6.0" }, { "model": "iphone os", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "6.0" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (ipad 2 or later )" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (iphone 3gs or later )" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (ipod touch first 4 after generation )" }, { "model": "safari", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6.0 (mac os)" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "11.0.696.36" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "10.0.601.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "11.0.696.33" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "10.0.603.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "11.0.696.34" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "9.0.600.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "11.0.696.35" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "10.0.602.0" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "11.0.696.32" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "10.0.648.129" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "13.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.100" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.8" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.8.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.9" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.5.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "4.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.75" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.60" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.19" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "36.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "11.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "20.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.12" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.127" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.16" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14.01" }, { "model": "firefox esr", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "31.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.4.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "22.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "13.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.96379" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "37.0.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.19" }, { "model": "opensuse evergreen", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "26" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.20" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.6.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "7.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "36.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "33" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.8" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "35" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.120" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.77" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.11" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "27.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.96365" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "37" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.6" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.16" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.10.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "27.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "20.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "8.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.121" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.13" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.77" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "18.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.112" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.12" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "9.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.8" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "12.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.0.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.24" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "8.0.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.215" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "7.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.19" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "28" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.3" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.202" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.57" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.3" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.18" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "26.0" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "25.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.18" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.23" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.8" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.9.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.19" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "8.0" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "6.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.26" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "9.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "12.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.6" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.3.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.27" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.024" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.13" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.11" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.9.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.5" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "32.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.91275" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.8" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.14" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "7" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.11" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.12" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.19" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.15" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.107" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.18" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.3" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.6" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.16" }, { "model": "thunderbird", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "31.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.20" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.25" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.68" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "36" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.8" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "14.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "32.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "18.0.1025.151" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.5" }, { "model": "chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "18.0.1025.168" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.22" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.9" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.186" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.3" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.18" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "19.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.63" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.6.1" }, { "model": "linux x86 64 -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.2" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.17" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.10" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "27" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.2" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.14" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "4.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "38" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "29.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "30" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "28.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.204" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "19.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.128" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "29" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "12.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.65" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.15" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "32.0.3" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "23.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.23" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.12" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.112" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "7.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.28" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "19.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.10" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.3" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "9.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.4" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.16" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.8.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.512" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "35.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.17" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "23.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.15" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "32" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "18.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "33.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874102" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "7.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.133" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.11" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.22" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "6.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.46" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.12" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "18.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.83" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.14" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.12" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15.0.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.4.0.80" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.18" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.5.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "9.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "5.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.19" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.43" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.16" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.8" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "22.04917" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.3" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "6.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "30.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.12" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "37.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "23.0.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.9" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "34.0.5" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.4" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "5.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "21.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "18.0.1025.142" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "11.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "13.0.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.21" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "28.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "15.0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.3" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.18" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "25.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.71" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.8" }, { "model": "itunes", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "10.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "29.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.8" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.020" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.91" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.78" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.4" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.56" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.1" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.3" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "16" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.4" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.3" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.9" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.8" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "31.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.10" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.8" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.1.13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.672.2" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "6" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "11.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "14.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.163" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "34" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "13.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.11" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.0.20" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.6" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.1.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.21" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.8" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.12" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "10.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.9.3" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.6.1.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.16" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "17.0.9" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.205" }, { "model": "firefox esr", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "24.7" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.19" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0.2" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.5.0.14" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "1.0.7" } ], "sources": [ { "db": "BID", "id": "53309" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "18.0.1025.168", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-3081" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Marty Barbella, miaubiz, SkyLined, wushi, PinkiePie and Willem Pinckaers.", "sources": [ { "db": "BID", "id": "53309" } ], "trust": 0.3 }, "cve": "CVE-2011-3081", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2011-3081", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-51026", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-3081", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201205-008", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-51026", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-51026" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. Google Chrome Is incomplete in the processing related to element floating, (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected. This vulnerability CVE-2011-3078 Is a different vulnerability.Service disruption by a third party (DoS) You may be put into a state or affected by other details. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions, other attacks may also be possible. \nVersions prior to Chrome 18.0.1025.168 are vulnerable. Google Chrome is a web browser developed by Google (Google). ============================================================================\nUbuntu Security Notice USN-1617-1\nOctober 25, 2012\n\nwebkit vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nMultiple security vulnerabilities were fixed in WebKit. \n\nSoftware Description:\n- webkit: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKit browser and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libjavascriptcoregtk-1.0-0 1.8.3-0ubuntu0.12.04.1\n libjavascriptcoregtk-3.0-0 1.8.3-0ubuntu0.12.04.1\n libwebkitgtk-1.0-0 1.8.3-0ubuntu0.12.04.1\n libwebkitgtk-3.0-0 1.8.3-0ubuntu0.12.04.1\n\nAfter a standard system update you need to restart your session to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-1617-1\n CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043,\n CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059,\n CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076,\n CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521,\n CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611,\n CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626,\n CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652,\n CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,\n CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1\n. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48992\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48992/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48992\n\nRELEASE DATE:\n2012-05-01\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48992/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48992/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48992\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, where\nsome have an unknown impact and others can be exploited by malicious\npeople to compromise a user\u0027s system. \n \n1) A use-after-free error exists in floats handling. \n\n2) A use-after-free error exists within the xml parser. \n\n3) An error exists within the IPC validation. \n\n4) A race condition exists within the sandbox IPC. \n\n5) A second use-after-free error exists in floats handling. \n\nSOLUTION:\nUpdate to version 18.0.1025.168. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Marty Barbella, Google Chrome Security Team and miaubiz\n2) SkyLined, Google Chrome Security Team and wushi, team509 via\niDefense\n3) PinkiePie\n4) Willem Pinckaers, Matasano. \n5) miaubiz\n\nORIGINAL ADVISORY:\nhttp://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201205-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium: Multiple vulnerabilities\n Date: May 15, 2012\n Bugs: #414199\n ID: 201205-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium, some of which\nmay allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open source web browser project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 18.0.1025.168 \u003e= 18.0.1025.168\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers and release notes referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted web\nsite using Chromium, possibly resulting in the execution of arbitrary\ncode with the privileges of the process, or a Denial of Service\ncondition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-18.0.1025.168\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3078\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3078\n[ 2 ] CVE-2011-3081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3081\n[ 3 ] CVE-2012-1521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1521\n[ 4 ] Release Notes 18.0.1025.168\n\nhttp://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30=\n.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201205-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "BID", "id": "53309" }, { "db": "VULHUB", "id": "VHN-51026" }, { "db": "PACKETSTORM", "id": "117673" }, { "db": "PACKETSTORM", "id": "112371" }, { "db": "PACKETSTORM", "id": "112729" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-3081", "trust": 3.0 }, { "db": "BID", "id": "53309", "trust": 2.0 }, { "db": "SECUNIA", "id": "48992", "trust": 1.8 }, { "db": "SECTRACK", "id": "1027001", "trust": 1.7 }, { "db": "OSVDB", "id": "81647", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2012-002173", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201205-008", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-51026", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117673", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "112371", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "112729", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51026" }, { "db": "BID", "id": "53309" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "PACKETSTORM", "id": "117673" }, { "db": "PACKETSTORM", "id": "112371" }, { "db": "PACKETSTORM", "id": "112729" }, { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "id": "VAR-201205-0256", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-51026" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:20:17.525000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT5400", "trust": 0.8, "url": "http://support.apple.com/kb/ht5400" }, { "title": "HT5503", "trust": 0.8, "url": "http://support.apple.com/kb/ht5503" }, { "title": "HT5485", "trust": 0.8, "url": "http://support.apple.com/kb/ht5485" }, { "title": "HT5400", "trust": 0.8, "url": "http://support.apple.com/kb/ht5400?viewlocale=ja_jp" }, { "title": "HT5503", "trust": 0.8, "url": "http://support.apple.com/kb/ht5503?viewlocale=ja_jp" }, { "title": "HT5485", "trust": 0.8, "url": "http://support.apple.com/kb/ht5485?viewlocale=ja_jp" }, { "title": "Stable Channel Update", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/2012/04/stable-channel-update_30.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja" }, { "title": "Google Chrome Remediation measures for releasing exploits", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=113679" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.1 }, { "problemtype": "CWE-399", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51026" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "NVD", "id": "CVE-2011-3081" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html" }, { "trust": 1.8, "url": "http://security.gentoo.org/glsa/glsa-201205-01.xml" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/53309" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=121899" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5400" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5485" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5503" }, { "trust": 1.7, "url": "http://osvdb.org/81647" }, { "trust": 1.7, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15592" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id?1027001" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48992" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75273" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3081" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu624491/" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu864819/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3081" }, { "trust": 0.3, "url": "http://www.google.com/chrome" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1521" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3081" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3625" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3059" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3067" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3051" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1617-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3628" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3598" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3060" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3031" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3038" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3645" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3064" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3043" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3090" }, { "trust": 0.1, "url": "https://launchpad.net/bugs/1058339" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3626" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3086" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3053" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3611" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3076" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3604" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3601" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3652" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3617" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3042" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3627" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3612" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48992" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48992/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/48992/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3081" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3078" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1521" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30=" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3078" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "VULHUB", "id": "VHN-51026" }, { "db": "BID", "id": "53309" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "PACKETSTORM", "id": "117673" }, { "db": "PACKETSTORM", "id": "112371" }, { "db": "PACKETSTORM", "id": "112729" }, { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-51026" }, { "db": "BID", "id": "53309" }, { "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "db": "PACKETSTORM", "id": "117673" }, { "db": "PACKETSTORM", "id": "112371" }, { "db": "PACKETSTORM", "id": "112729" }, { "db": "NVD", "id": "CVE-2011-3081" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-05-01T00:00:00", "db": "VULHUB", "id": "VHN-51026" }, { "date": "2012-04-30T00:00:00", "db": "BID", "id": "53309" }, { "date": "2012-05-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "date": "2012-10-25T20:48:27", "db": "PACKETSTORM", "id": "117673" }, { "date": "2012-05-01T05:17:45", "db": "PACKETSTORM", "id": "112371" }, { "date": "2012-05-15T21:56:35", "db": "PACKETSTORM", "id": "112729" }, { "date": "2012-05-01T10:12:04.237000", "db": "NVD", "id": "CVE-2011-3081" }, { "date": "2012-05-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-04-13T00:00:00", "db": "VULHUB", "id": "VHN-51026" }, { "date": "2015-08-12T22:09:00", "db": "BID", "id": "53309" }, { "date": "2013-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002173" }, { "date": "2020-04-13T16:19:33.587000", "db": "NVD", "id": "CVE-2011-3081" }, { "date": "2020-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201205-008" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "117673" }, { "db": "CNNVD", "id": "CNNVD-201205-008" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002173" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201205-008" } ], "trust": 0.6 } }
var-201302-0382
Vulnerability from variot
Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player is prone to a remote buffer-overflow vulnerability. com/go/getflash. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0574-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0574.html Issue date: 2013-02-27 CVE Names: CVE-2013-0504 CVE-2013-0643 CVE-2013-0648 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- These vulnerabilities are detailed in the Adobe Security bulletin APSB13-08, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0504, CVE-2013-0648)
This update also fixes a permissions issue with the Adobe Flash Player Firefox sandbox.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
915961 - CVE-2013-0504 CVE-2013-0648 flash-plugin: multiple code execution flaws (APSB13-08) 915964 - CVE-2013-0643 flash-plugin: Firefox sandbox permissions issue (APSB13-08)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.273-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.273-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.273-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.273-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.273-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.273-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.273-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.273-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-0504.html https://www.redhat.com/security/data/cve/CVE-2013-0643.html https://www.redhat.com/security/data/cve/CVE-2013-0648.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-08.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRLn41XlSAg2UNWIIRAnzdAKCaJI07/I1LimaWJ6whuxtlqVukEwCeJrCH 4j7n45GWDCgkUE8CNNpu/6c= =Knv1 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201309-06
http://security.gentoo.org/
Severity: Normal Title: Adobe Flash Player: Multiple vulnerabilities Date: September 14, 2013 Bugs: #437808, #442084, #446984, #452104, #456132, #457066, #459368, #461598, #465534, #469870, #473038, #476328, #484512 ID: 201309-06
Synopsis
Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in execution of arbitrary code.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"
References
[ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201309-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201302-0382", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "lt", "trust": 1.0, "vendor": "adobe", "version": "10.3.183.67" }, { "model": "flash player", "scope": "gte", "trust": 1.0, "vendor": "adobe", "version": "11.6" }, { "model": "flash player", "scope": "lt", "trust": 1.0, "vendor": "adobe", "version": "11.6.602.168" }, { "model": "flash player", "scope": "gte", "trust": 1.0, "vendor": "adobe", "version": "10.3" }, { "model": "flash player", "scope": "gte", "trust": 1.0, "vendor": "adobe", "version": "11.2" }, { "model": "flash player", "scope": "lt", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.273" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.1.102.64" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "chrome", "scope": "lt", "trust": 0.8, "vendor": "google", "version": ")" }, { "model": "windows", "scope": "lt", "trust": 0.8, "vendor": "microsoft", "version": ")" }, { "model": "windows", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "rt (adobe flash player 11.6.602.171" }, { "model": "windows server", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "2012 (adobe flash player 11.6.602.171" }, { "model": "windows 8", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems (adobe flash player 11.6.602.171" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.x (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "(windows" }, { "model": "flash player", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "macintosh" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "10 (adobe flash player 11.6.602.171" }, { "model": "internet explorer", "scope": "lt", "trust": 0.8, "vendor": "microsoft", "version": ")" }, { "model": "windows server", "scope": "lt", "trust": 0.8, "vendor": "microsoft", "version": ")" }, { "model": "windows 8", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 64-bit systems (adobe flash player 11.6.602.171" }, { "model": "flash player", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "10.3.183.67" }, { "model": "flash player", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "11.6.602.171" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.x (windows macintosh)" }, { "model": "flash player", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "linux)" }, { "model": "windows 8", "scope": "lt", "trust": 0.8, "vendor": "microsoft", "version": ")" }, { "model": "chrome", "scope": "eq", "trust": 0.8, "vendor": "google", "version": "(adobe flash player 11.6.602.171" }, { "model": "flash player", "scope": "eq", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.273" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "10.1" }, { "model": "linux enterprise desktop sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise desktop sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "12.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.4" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.283.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.155.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.73.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.67.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.61.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.60.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.53.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.24.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.19.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.14.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.79" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" } ], "sources": [ { "db": "BID", "id": "58184" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.3.183.67", "versionStartIncluding": "10.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6.602.168", "versionStartIncluding": "11.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.3.183.67", "versionStartIncluding": "10.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.2.202.273", "versionStartIncluding": "11.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2013-0504" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Mark Yason of IBM X-Force", "sources": [ { "db": "BID", "id": "58184" } ], "trust": 0.3 }, "cve": "CVE-2013-0504", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2013-0504", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-60506", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2013-0504", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201302-581", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-60506", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-60506" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player is prone to a remote buffer-overflow vulnerability. com/go/getflash. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2013:0574-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0574.html\nIssue date: 2013-02-27\nCVE Names: CVE-2013-0504 CVE-2013-0643 CVE-2013-0648 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes three security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-08,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0504,\nCVE-2013-0648)\n\nThis update also fixes a permissions issue with the Adobe Flash Player\nFirefox sandbox. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n915961 - CVE-2013-0504 CVE-2013-0648 flash-plugin: multiple code execution flaws (APSB13-08)\n915964 - CVE-2013-0643 flash-plugin: Firefox sandbox permissions issue (APSB13-08)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.273-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.273-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.273-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.273-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.273-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0504.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0643.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0648.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-08.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRLn41XlSAg2UNWIIRAnzdAKCaJI07/I1LimaWJ6whuxtlqVukEwCeJrCH\n4j7n45GWDCgkUE8CNNpu/6c=\n=Knv1\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201309-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Adobe Flash Player: Multiple vulnerabilities\n Date: September 14, 2013\n Bugs: #437808, #442084, #446984, #452104, #456132, #457066,\n #459368, #461598, #465534, #469870, #473038, #476328, #484512\n ID: 201309-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Adobe Flash Player, the\nworst of which could result in execution of arbitrary code. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 2 ] CVE-2012-5248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[ 3 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 4 ] CVE-2012-5249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[ 5 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 6 ] CVE-2012-5250\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[ 7 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 8 ] CVE-2012-5251\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[ 9 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 10 ] CVE-2012-5252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[ 11 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 12 ] CVE-2012-5253\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[ 13 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 14 ] CVE-2012-5254\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[ 15 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 16 ] CVE-2012-5255\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[ 17 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 18 ] CVE-2012-5256\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[ 19 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 20 ] CVE-2012-5257\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[ 21 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 22 ] CVE-2012-5258\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[ 23 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 24 ] CVE-2012-5259\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[ 25 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 26 ] CVE-2012-5260\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[ 27 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 28 ] CVE-2012-5261\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[ 29 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 30 ] CVE-2012-5262\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[ 31 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 32 ] CVE-2012-5263\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[ 33 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 34 ] CVE-2012-5264\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[ 35 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 36 ] CVE-2012-5265\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[ 37 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 38 ] CVE-2012-5266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[ 39 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 40 ] CVE-2012-5267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[ 41 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 42 ] CVE-2012-5268\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[ 43 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 44 ] CVE-2012-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[ 45 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 46 ] CVE-2012-5270\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[ 47 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 48 ] CVE-2012-5271\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[ 49 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 50 ] CVE-2012-5272\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[ 51 ] CVE-2012-5274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[ 52 ] CVE-2012-5275\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[ 53 ] CVE-2012-5276\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[ 54 ] CVE-2012-5277\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[ 55 ] CVE-2012-5278\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[ 56 ] CVE-2012-5279\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[ 57 ] CVE-2012-5280\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[ 58 ] CVE-2012-5676\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[ 59 ] CVE-2012-5677\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[ 60 ] CVE-2012-5678\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[ 61 ] CVE-2013-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[ 62 ] CVE-2013-0630\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[ 63 ] CVE-2013-0633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[ 64 ] CVE-2013-0634\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[ 65 ] CVE-2013-0637\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[ 66 ] CVE-2013-0638\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[ 67 ] CVE-2013-0639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[ 68 ] CVE-2013-0642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[ 69 ] CVE-2013-0643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[ 70 ] CVE-2013-0644\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[ 71 ] CVE-2013-0645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[ 72 ] CVE-2013-0646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[ 73 ] CVE-2013-0647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[ 74 ] CVE-2013-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[ 75 ] CVE-2013-0649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[ 76 ] CVE-2013-0650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[ 77 ] CVE-2013-1365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[ 78 ] CVE-2013-1366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[ 79 ] CVE-2013-1367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[ 80 ] CVE-2013-1368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[ 81 ] CVE-2013-1369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[ 82 ] CVE-2013-1370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[ 83 ] CVE-2013-1371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[ 84 ] CVE-2013-1372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[ 85 ] CVE-2013-1373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[ 86 ] CVE-2013-1374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[ 87 ] CVE-2013-1375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[ 88 ] CVE-2013-1378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[ 89 ] CVE-2013-1379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[ 90 ] CVE-2013-1380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[ 91 ] CVE-2013-2555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[ 92 ] CVE-2013-2728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[ 93 ] CVE-2013-3343\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[ 94 ] CVE-2013-3344\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[ 95 ] CVE-2013-3345\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[ 96 ] CVE-2013-3347\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[ 97 ] CVE-2013-3361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[ 98 ] CVE-2013-3362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[ 99 ] CVE-2013-3363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "BID", "id": "58184" }, { "db": "VULHUB", "id": "VHN-60506" }, { "db": "PACKETSTORM", "id": "120576" }, { "db": "PACKETSTORM", "id": "123225" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-0504", "trust": 3.0 }, { "db": "BID", "id": "58184", "trust": 1.4 }, { "db": "JVNDB", "id": "JVNDB-2013-001701", "trust": 0.8 }, { "db": "NSFOCUS", "id": "22746", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201302-581", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "120576", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-60651", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-60506", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "123225", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60506" }, { "db": "BID", "id": "58184" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "PACKETSTORM", "id": "120576" }, { "db": "PACKETSTORM", "id": "123225" }, { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "id": "VAR-201302-0382", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-60506" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:49:18.004000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB13-08", "trust": 0.8, "url": "http://www.adobe.com/support/security/bulletins/apsb13-08.html" }, { "title": "APSB13-08 (cq02252340)", "trust": 0.8, "url": "http://helpx.adobe.com/jp/flash-player/kb/cq02252340.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja" }, { "title": "Chrome Releases", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/" }, { "title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b", "trust": 0.8, "url": "http://support.google.com/chrome/bin/answer.py?hl=ja\u0026answer=95414" }, { "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)", "trust": 0.8, "url": "http://technet.microsoft.com/en-us/security/advisory/2755801" }, { "title": "SUSE-SU-2013:0373", "trust": 0.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html" }, { "title": "RHSA-2013:0574", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-0574.html" }, { "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)", "trust": 0.8, "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20130228f.html" }, { "title": "install_flashplayer11x32_mssd_aih", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45387" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-60506" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "NVD", "id": "CVE-2013-0504" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://www.adobe.com/support/security/bulletins/apsb13-08.html" }, { "trust": 1.2, "url": "http://rhn.redhat.com/errata/rhsa-2013-0574.html" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/58184" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html" }, { "trust": 1.1, "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0504" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20130227-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2013/at130013.txt" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0504" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10928" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/22746" }, { "trust": 0.3, "url": "http://www.adobe.com/products/flash/" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.3, "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0648.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0643" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0643.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0504.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0504" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0648" }, { "trust": 0.1, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." } ], "sources": [ { "db": "VULHUB", "id": "VHN-60506" }, { "db": "BID", "id": "58184" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "PACKETSTORM", "id": "120576" }, { "db": "PACKETSTORM", "id": "123225" }, { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-60506" }, { "db": "BID", "id": "58184" }, { "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "db": "PACKETSTORM", "id": "120576" }, { "db": "PACKETSTORM", "id": "123225" }, { "db": "NVD", "id": "CVE-2013-0504" }, { "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-02-27T00:00:00", "db": "VULHUB", "id": "VHN-60506" }, { "date": "2013-02-26T00:00:00", "db": "BID", "id": "58184" }, { "date": "2013-02-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "date": "2013-02-28T06:19:56", "db": "PACKETSTORM", "id": "120576" }, { "date": "2013-09-14T15:19:13", "db": "PACKETSTORM", "id": "123225" }, { "date": "2013-02-27T00:55:00.970000", "db": "NVD", "id": "CVE-2013-0504" }, { "date": "2013-02-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-06T00:00:00", "db": "VULHUB", "id": "VHN-60506" }, { "date": "2014-03-25T01:37:00", "db": "BID", "id": "58184" }, { "date": "2013-03-14T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001701" }, { "date": "2018-12-06T19:27:58.713000", "db": "NVD", "id": "CVE-2013-0504" }, { "date": "2013-02-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201302-581" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201302-581" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player Broker service buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-001701" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201302-581" } ], "trust": 0.6 } }
var-201501-0113
Vulnerability from variot
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. A use-after-free vulnerability exists in several Adobe products.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.442"
References
[ 1 ] CVE-2015-0301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301 [ 2 ] CVE-2015-0302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302 [ 3 ] CVE-2015-0303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303 [ 4 ] CVE-2015-0304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304 [ 5 ] CVE-2015-0305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305 [ 6 ] CVE-2015-0306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306 [ 7 ] CVE-2015-0307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307 [ 8 ] CVE-2015-0308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308 [ 9 ] CVE-2015-0309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309 [ 10 ] CVE-2015-0310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310 [ 11 ] CVE-2015-0311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311 [ 12 ] CVE-2015-0314 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314 [ 13 ] CVE-2015-0315 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315 [ 14 ] CVE-2015-0316 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316 [ 15 ] CVE-2015-0317 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317 [ 16 ] CVE-2015-0318 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318 [ 17 ] CVE-2015-0319 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319 [ 18 ] CVE-2015-0320 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320 [ 19 ] CVE-2015-0321 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321 [ 20 ] CVE-2015-0322 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322 [ 21 ] CVE-2015-0323 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323 [ 22 ] CVE-2015-0324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324 [ 23 ] CVE-2015-0325 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325 [ 24 ] CVE-2015-0326 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326 [ 25 ] CVE-2015-0327 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327 [ 26 ] CVE-2015-0328 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328 [ 27 ] CVE-2015-0329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329 [ 28 ] CVE-2015-0330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201502-02.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:0052-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html Issue date: 2015-01-14 CVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303 CVE-2015-0304 CVE-2015-0305 CVE-2015-0306 CVE-2015-0307 CVE-2015-0308 CVE-2015-0309 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01, listed in the References section.
Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309, CVE-2015-0305, CVE-2015-0308)
This update also fixes multiple information disclosure flaws in flash-plugin. (CVE-2015-0301, CVE-2015-0302, CVE-2015-0307)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.429.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01) 1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.429-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.429-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.429-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.429-1.el6.i686.rpm
x86_64: flash-plugin-11.2.202.429-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-0301 https://access.redhat.com/security/cve/CVE-2015-0302 https://access.redhat.com/security/cve/CVE-2015-0303 https://access.redhat.com/security/cve/CVE-2015-0304 https://access.redhat.com/security/cve/CVE-2015-0305 https://access.redhat.com/security/cve/CVE-2015-0306 https://access.redhat.com/security/cve/CVE-2015-0307 https://access.redhat.com/security/cve/CVE-2015-0308 https://access.redhat.com/security/cve/CVE-2015-0309 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-01.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX 184Uc4WBUliIJ2nt+9H/bDY= =OQFJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201501-0113", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "15.0.0.144" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "11.2.202.425" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "16.0.0.235" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "16.0.0.234" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "15.0.0.152" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "15.0.0.167" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "14.0.0.145" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "15.0.0.223" }, { "model": "air sdk and compiler", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.356" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.239" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "14.0.0.125" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.189" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "14.0.0.176" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "13.0.0.259" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "14.0.0.179" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.238" }, { "model": "air", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.356" }, { "model": "air sdk", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.356" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": "15.0.0.246" }, { "model": "chrome", "scope": "lt", "trust": 0.8, "vendor": "google", "version": "39.0.2171.99 (windows/machintosh/linux)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "16.0.0.272 (android)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 16.0.0.245 (windows/macintosh)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "\u0026 compiler 16.0.0.272 (windows/macintosh/android/ios)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "16.0.0.272 (windows/macintosh/android/ios)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.429 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "16.0.0.257 (internet explorer 10/11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "16.0.0.257 (windows/machintosh/linux edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 16.0.0.257 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 13.0.0.260 (windows/macintosh)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "10 (windows 8/windows server 2012/windows rt)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1)" }, { "model": "air sdk and compiler", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "15.0.0.356" }, { "model": "air sdk", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "15.0.0.356" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.246.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2080" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.35.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19140" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.115.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.280" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.60.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.14.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2070" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1.1961" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.155.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.53.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.2460" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2.12610" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.79" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.1.0.4880" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.68.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.66.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.28.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.260.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.277.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.283.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.01" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3218" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.289.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9130" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9120" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.124.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.152.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.61.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.73.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.159.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.69.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.151.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.31.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.47.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.45.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.24.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.19.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.34.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.48.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.67.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.70.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19120" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.5.1" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.64" } ], "sources": [ { "db": "BID", "id": "72039" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:android:*:*", "cpe_name": [], "versionEndIncluding": "15.0.0.356", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.0.0.356", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.238:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.144:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:16.0.0.234:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.0.0.259", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:adobe_air_sdk_and_compiler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.0.0.356", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.0.0.356", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:11.2.202.425:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2015-0308" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fermin J. Serna of the Google Security Team and Chris Evans of Google Project Zero", "sources": [ { "db": "BID", "id": "72039" } ], "trust": 0.3 }, "cve": "CVE-2015-0308", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": true, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2015-0308", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "VHN-78254", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2015-0308", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201501-264", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-78254", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2015-0308", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-78254" }, { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK \u0026 Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlAn attacker could execute arbitrary code. Failed exploit attempts will likely cause a denial-of-service condition. A use-after-free vulnerability exists in several Adobe products. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.442\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-0301\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0301\n[ 2 ] CVE-2015-0302\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0302\n[ 3 ] CVE-2015-0303\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0303\n[ 4 ] CVE-2015-0304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0304\n[ 5 ] CVE-2015-0305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0305\n[ 6 ] CVE-2015-0306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0306\n[ 7 ] CVE-2015-0307\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0307\n[ 8 ] CVE-2015-0308\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0308\n[ 9 ] CVE-2015-0309\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0309\n[ 10 ] CVE-2015-0310\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0310\n[ 11 ] CVE-2015-0311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0311\n[ 12 ] CVE-2015-0314\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0314\n[ 13 ] CVE-2015-0315\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0315\n[ 14 ] CVE-2015-0316\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0316\n[ 15 ] CVE-2015-0317\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0317\n[ 16 ] CVE-2015-0318\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0318\n[ 17 ] CVE-2015-0319\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0319\n[ 18 ] CVE-2015-0320\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0320\n[ 19 ] CVE-2015-0321\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0321\n[ 20 ] CVE-2015-0322\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0322\n[ 21 ] CVE-2015-0323\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0323\n[ 22 ] CVE-2015-0324\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0324\n[ 23 ] CVE-2015-0325\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0325\n[ 24 ] CVE-2015-0326\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0326\n[ 25 ] CVE-2015-0327\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0327\n[ 26 ] CVE-2015-0328\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0328\n[ 27 ] CVE-2015-0329\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0329\n[ 28 ] CVE-2015-0330\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0330\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201502-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2015:0052-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-0052.html\nIssue date: 2015-01-14\nCVE Names: CVE-2015-0301 CVE-2015-0302 CVE-2015-0303 \n CVE-2015-0304 CVE-2015-0305 CVE-2015-0306 \n CVE-2015-0307 CVE-2015-0308 CVE-2015-0309 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security Bulletin APSB15-01,\nlisted in the References section. \n\nMultiple flaws were found in the way flash-plugin displayed certain SWF\ncontent. An attacker could use these flaws to create a specially crafted\nSWF file that would cause flash-plugin to crash or, potentially, execute\narbitrary code when the victim loaded a page containing the malicious SWF\ncontent. (CVE-2015-0303, CVE-2015-0306, CVE-2015-0304, CVE-2015-0309,\nCVE-2015-0305, CVE-2015-0308)\n\nThis update also fixes multiple information disclosure flaws in\nflash-plugin. (CVE-2015-0301, CVE-2015-0302, CVE-2015-0307)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.429. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1181903 - CVE-2015-0303 CVE-2015-0306 CVE-2015-0304 CVE-2015-0309 CVE-2015-0305 CVE-2015-0308 flash-plugin: Multiple code-execution flaws (APSB15-01)\n1181909 - CVE-2015-0301 CVE-2015-0302 CVE-2015-0307 flash-plugin: Information disclosure via various methods (APSB15-01)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.429-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.429-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.429-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.429-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.429-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-0301\nhttps://access.redhat.com/security/cve/CVE-2015-0302\nhttps://access.redhat.com/security/cve/CVE-2015-0303\nhttps://access.redhat.com/security/cve/CVE-2015-0304\nhttps://access.redhat.com/security/cve/CVE-2015-0305\nhttps://access.redhat.com/security/cve/CVE-2015-0306\nhttps://access.redhat.com/security/cve/CVE-2015-0307\nhttps://access.redhat.com/security/cve/CVE-2015-0308\nhttps://access.redhat.com/security/cve/CVE-2015-0309\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb15-01.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUttFMXlSAg2UNWIIRAiVoAJwLqivuUq0OowsqXdh4/yKQTSVEGwCgjsTX\n184Uc4WBUliIJ2nt+9H/bDY=\n=OQFJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "BID", "id": "72039" }, { "db": "VULHUB", "id": "VHN-78254" }, { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "PACKETSTORM", "id": "130262" }, { "db": "PACKETSTORM", "id": "129964" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2015-0308", "trust": 3.1 }, { "db": "BID", "id": "72039", "trust": 1.5 }, { "db": "SECUNIA", "id": "62371", "trust": 1.2 }, { "db": "SECUNIA", "id": "62252", "trust": 1.2 }, { "db": "SECUNIA", "id": "62740", "trust": 1.2 }, { "db": "SECUNIA", "id": "62187", "trust": 1.2 }, { "db": "SECUNIA", "id": "62177", "trust": 1.2 }, { "db": "SECTRACK", "id": "1031525", "trust": 1.2 }, { "db": "JVNDB", "id": "JVNDB-2015-001028", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201501-264", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-78254", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2015-0308", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "130262", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "129964", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-78254" }, { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "BID", "id": "72039" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "PACKETSTORM", "id": "130262" }, { "db": "PACKETSTORM", "id": "129964" }, { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "id": "VAR-201501-0113", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-78254" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:07:44.721000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB15-01", "trust": 0.8, "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" }, { "title": "APSB15-01", "trust": 0.8, "url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb15-01.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Stable Channel Update", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/2015/01/stable-channel-update.html" }, { "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/2755801" }, { "title": "Internet Explorer \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u5bfe\u5fdc\u3059\u308b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/2755801" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20150115f.html" }, { "title": "Red Hat: Critical: flash-plugin security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20150052 - security advisory" }, { "title": "Red Hat: CVE-2015-0308", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2015-0308" }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " } ], "sources": [ { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "NVD", "id": "CVE-2015-0308" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" }, { "trust": 1.3, "url": "http://www.securityfocus.com/bid/72039" }, { "trust": 1.3, "url": "http://security.gentoo.org/glsa/glsa-201502-02.xml" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1031525" }, { "trust": 1.2, "url": "http://secunia.com/advisories/62177" }, { "trust": 1.2, "url": "http://secunia.com/advisories/62187" }, { "trust": 1.2, "url": "http://secunia.com/advisories/62252" }, { "trust": 1.2, "url": "http://secunia.com/advisories/62371" }, { "trust": 1.2, "url": "http://secunia.com/advisories/62740" }, { "trust": 1.2, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99989" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0308" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20150114-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2015/at150002.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0308" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=15215" }, { "trust": 0.3, "url": "http://www.adobe.com/products/air/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2015-0308" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0309" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0307" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0302" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0304" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0305" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0301" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0306" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0308" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0303" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2015:0052" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37000" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0326" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0315" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0319" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0308" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0324" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0314" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0318" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0326" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0328" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0319" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0328" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0327" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0303" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0323" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0307" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0330" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0305" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0330" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0309" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0318" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0317" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0324" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0321" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0320" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0329" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0304" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0301" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0311" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0327" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0310" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0316" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0323" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0315" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0302" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0306" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0311" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0325" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0314" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0322" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0317" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0321" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0329" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0310" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0322" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0325" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0320" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0316" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0307" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0304" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0303" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0302" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0305" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0301" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0306" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2015-0052.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2015-0309" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-78254" }, { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "BID", "id": "72039" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "PACKETSTORM", "id": "130262" }, { "db": "PACKETSTORM", "id": "129964" }, { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-78254" }, { "db": "VULMON", "id": "CVE-2015-0308" }, { "db": "BID", "id": "72039" }, { "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "db": "PACKETSTORM", "id": "130262" }, { "db": "PACKETSTORM", "id": "129964" }, { "db": "NVD", "id": "CVE-2015-0308" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2015-01-13T00:00:00", "db": "VULHUB", "id": "VHN-78254" }, { "date": "2015-01-13T00:00:00", "db": "VULMON", "id": "CVE-2015-0308" }, { "date": "2015-01-13T00:00:00", "db": "BID", "id": "72039" }, { "date": "2015-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "date": "2015-02-06T21:36:53", "db": "PACKETSTORM", "id": "130262" }, { "date": "2015-01-15T00:08:07", "db": "PACKETSTORM", "id": "129964" }, { "date": "2015-01-13T23:59:06.977000", "db": "NVD", "id": "CVE-2015-0308" }, { "date": "2015-01-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-08T00:00:00", "db": "VULHUB", "id": "VHN-78254" }, { "date": "2017-09-08T00:00:00", "db": "VULMON", "id": "CVE-2015-0308" }, { "date": "2015-01-21T00:01:00", "db": "BID", "id": "72039" }, { "date": "2015-01-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2015-001028" }, { "date": "2017-09-08T01:29:39.183000", "db": "NVD", "id": "CVE-2015-0308" }, { "date": "2015-01-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201501-264" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "130262" }, { "db": "CNNVD", "id": "CNNVD-201501-264" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2015-001028" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201501-264" } ], "trust": 0.6 } }
var-201607-0519
Vulnerability from variot
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.632"
References
[ 1 ] CVE-2016-4217 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4217 [ 2 ] CVE-2016-4217 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4217 [ 3 ] CVE-2016-4218 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4218 [ 4 ] CVE-2016-4218 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4218 [ 5 ] CVE-2016-4219 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4219 [ 6 ] CVE-2016-4219 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4219 [ 7 ] CVE-2016-4220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4220 [ 8 ] CVE-2016-4220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4220 [ 9 ] CVE-2016-4221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4221 [ 10 ] CVE-2016-4221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4221 [ 11 ] CVE-2016-4222 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4222 [ 12 ] CVE-2016-4222 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4222 [ 13 ] CVE-2016-4223 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4223 [ 14 ] CVE-2016-4223 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4223 [ 15 ] CVE-2016-4224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4224 [ 16 ] CVE-2016-4224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4224 [ 17 ] CVE-2016-4225 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4225 [ 18 ] CVE-2016-4225 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4225 [ 19 ] CVE-2016-4226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4226 [ 20 ] CVE-2016-4226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4226 [ 21 ] CVE-2016-4227 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4227 [ 22 ] CVE-2016-4227 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4227 [ 23 ] CVE-2016-4228 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4228 [ 24 ] CVE-2016-4228 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4228 [ 25 ] CVE-2016-4229 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4229 [ 26 ] CVE-2016-4229 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4229 [ 27 ] CVE-2016-4230 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4230 [ 28 ] CVE-2016-4230 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4230 [ 29 ] CVE-2016-4231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4231 [ 30 ] CVE-2016-4231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4231 [ 31 ] CVE-2016-4232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4232 [ 32 ] CVE-2016-4232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4232 [ 33 ] CVE-2016-4233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4233 [ 34 ] CVE-2016-4233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4233 [ 35 ] CVE-2016-4234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4234 [ 36 ] CVE-2016-4234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4234 [ 37 ] CVE-2016-4235 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4235 [ 38 ] CVE-2016-4235 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4235 [ 39 ] CVE-2016-4236 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4236 [ 40 ] CVE-2016-4236 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4236 [ 41 ] CVE-2016-4237 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4237 [ 42 ] CVE-2016-4237 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4237 [ 43 ] CVE-2016-4238 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4238 [ 44 ] CVE-2016-4238 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4238 [ 45 ] CVE-2016-4239 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4239 [ 46 ] CVE-2016-4239 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4239 [ 47 ] CVE-2016-4240 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4240 [ 48 ] CVE-2016-4240 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4240 [ 49 ] CVE-2016-4241 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4241 [ 50 ] CVE-2016-4241 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4241 [ 51 ] CVE-2016-4242 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4242 [ 52 ] CVE-2016-4242 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4242 [ 53 ] CVE-2016-4243 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4243 [ 54 ] CVE-2016-4243 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4243 [ 55 ] CVE-2016-4244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4244 [ 56 ] CVE-2016-4244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4244 [ 57 ] CVE-2016-4245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4245 [ 58 ] CVE-2016-4245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4245 [ 59 ] CVE-2016-4246 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4246 [ 60 ] CVE-2016-4246 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4246 [ 61 ] CVE-2016-4247 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4247 [ 62 ] CVE-2016-4247 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4247 [ 63 ] CVE-2016-4248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4248 [ 64 ] CVE-2016-4248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4248 [ 65 ] CVE-2016-4249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4249 [ 66 ] CVE-2016-4249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201607-03
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:1423-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2016:1423 Issue date: 2016-07-13 CVE Names: CVE-2016-4172 CVE-2016-4173 CVE-2016-4174 CVE-2016-4175 CVE-2016-4176 CVE-2016-4177 CVE-2016-4178 CVE-2016-4179 CVE-2016-4180 CVE-2016-4181 CVE-2016-4182 CVE-2016-4183 CVE-2016-4184 CVE-2016-4185 CVE-2016-4186 CVE-2016-4187 CVE-2016-4188 CVE-2016-4189 CVE-2016-4190 CVE-2016-4217 CVE-2016-4218 CVE-2016-4219 CVE-2016-4220 CVE-2016-4221 CVE-2016-4222 CVE-2016-4223 CVE-2016-4224 CVE-2016-4225 CVE-2016-4226 CVE-2016-4227 CVE-2016-4228 CVE-2016-4229 CVE-2016-4230 CVE-2016-4231 CVE-2016-4232 CVE-2016-4233 CVE-2016-4234 CVE-2016-4235 CVE-2016-4236 CVE-2016-4237 CVE-2016-4238 CVE-2016-4239 CVE-2016-4240 CVE-2016-4241 CVE-2016-4242 CVE-2016-4243 CVE-2016-4244 CVE-2016-4245 CVE-2016-4246 CVE-2016-4247 CVE-2016-4248 CVE-2016-4249 =====================================================================
- Summary:
An update for flash-plugin is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.
This update upgrades Flash Player to version 11.2.202.632. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175, CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4222, CVE-2016-4223, CVE-2016-4224, CVE-2016-4225, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4232, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246, CVE-2016-4247, CVE-2016-4248, CVE-2016-4249)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1355971 - flash-plugin: multiple code execution issues fixed in APSB16-25
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.632-1.el5_11.i386.rpm
x86_64: flash-plugin-11.2.202.632-1.el5_11.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.632-1.el5_11.i386.rpm
x86_64: flash-plugin-11.2.202.632-1.el5_11.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.632-1.el6_8.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-4172 https://access.redhat.com/security/cve/CVE-2016-4173 https://access.redhat.com/security/cve/CVE-2016-4174 https://access.redhat.com/security/cve/CVE-2016-4175 https://access.redhat.com/security/cve/CVE-2016-4176 https://access.redhat.com/security/cve/CVE-2016-4177 https://access.redhat.com/security/cve/CVE-2016-4178 https://access.redhat.com/security/cve/CVE-2016-4179 https://access.redhat.com/security/cve/CVE-2016-4180 https://access.redhat.com/security/cve/CVE-2016-4181 https://access.redhat.com/security/cve/CVE-2016-4182 https://access.redhat.com/security/cve/CVE-2016-4183 https://access.redhat.com/security/cve/CVE-2016-4184 https://access.redhat.com/security/cve/CVE-2016-4185 https://access.redhat.com/security/cve/CVE-2016-4186 https://access.redhat.com/security/cve/CVE-2016-4187 https://access.redhat.com/security/cve/CVE-2016-4188 https://access.redhat.com/security/cve/CVE-2016-4189 https://access.redhat.com/security/cve/CVE-2016-4190 https://access.redhat.com/security/cve/CVE-2016-4217 https://access.redhat.com/security/cve/CVE-2016-4218 https://access.redhat.com/security/cve/CVE-2016-4219 https://access.redhat.com/security/cve/CVE-2016-4220 https://access.redhat.com/security/cve/CVE-2016-4221 https://access.redhat.com/security/cve/CVE-2016-4222 https://access.redhat.com/security/cve/CVE-2016-4223 https://access.redhat.com/security/cve/CVE-2016-4224 https://access.redhat.com/security/cve/CVE-2016-4225 https://access.redhat.com/security/cve/CVE-2016-4226 https://access.redhat.com/security/cve/CVE-2016-4227 https://access.redhat.com/security/cve/CVE-2016-4228 https://access.redhat.com/security/cve/CVE-2016-4229 https://access.redhat.com/security/cve/CVE-2016-4230 https://access.redhat.com/security/cve/CVE-2016-4231 https://access.redhat.com/security/cve/CVE-2016-4232 https://access.redhat.com/security/cve/CVE-2016-4233 https://access.redhat.com/security/cve/CVE-2016-4234 https://access.redhat.com/security/cve/CVE-2016-4235 https://access.redhat.com/security/cve/CVE-2016-4236 https://access.redhat.com/security/cve/CVE-2016-4237 https://access.redhat.com/security/cve/CVE-2016-4238 https://access.redhat.com/security/cve/CVE-2016-4239 https://access.redhat.com/security/cve/CVE-2016-4240 https://access.redhat.com/security/cve/CVE-2016-4241 https://access.redhat.com/security/cve/CVE-2016-4242 https://access.redhat.com/security/cve/CVE-2016-4243 https://access.redhat.com/security/cve/CVE-2016-4244 https://access.redhat.com/security/cve/CVE-2016-4245 https://access.redhat.com/security/cve/CVE-2016-4246 https://access.redhat.com/security/cve/CVE-2016-4247 https://access.redhat.com/security/cve/CVE-2016-4248 https://access.redhat.com/security/cve/CVE-2016-4249 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXho6cXlSAg2UNWIIRAp9tAKCwWeHDwGxx4MZRSsZtYsaP7bf+8ACcCmVr 3PPWGTqHtaFvIBLqaCpxcMk= =uyDE -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0519", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.626" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "22.0.0.192" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.360" }, { "model": "flash player desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "22.0.0.192" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "22.0.0.192" }, { "model": "flash player", "scope": "eq", "trust": 0.9, "vendor": "adobe", "version": "18.0.0.360" }, { "model": "chrome", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.632 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "22.0.0.209 (windows 10/8.1 edition microsoft edge/internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "22.0.0.209 (windows/macintosh/linux/chromeos edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 22.0.0.209 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.366 (windows/macintosh)" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for x64-based systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows rt 8.1", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "none" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "r2" }, { "model": "internet explorer", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "11" }, { "model": "edge", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "14.0179" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "14.0177" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "14.0176" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0259" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0252" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0214" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0182" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.070" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700275" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700232" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700169" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.6.602105" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502131" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502124" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502118" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.50080" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.4.400231" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300271" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300270" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300268" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300265" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300257" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300250" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300231" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300214" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.20295" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202425" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202418" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202400" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202359" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202350" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202346" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202341" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202297" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202280" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202238" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202236" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202221" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202197" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202160" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.11569" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.11554" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.11164" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.11150" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.198" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.160" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1129" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3218" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.2460" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.152.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.151.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.124.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.9.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.8.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.48.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.47.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.45.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.31.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.289.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.283.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.280" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.28.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.277.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.260.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.246.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.159.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.155.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.115.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.35.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.34.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.73.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.70.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.69.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.68.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.67.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.66.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.61.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.60.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.53.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.24.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.19.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.14.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.79" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.242" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.241" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.226" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.216" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.213" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.197" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0.0.182" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.306" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.286" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.272" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.267" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "20.0.0.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "19.0.0.245" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "19.0.0.226" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "19.0.0.207" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "19.0.0.185" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.352" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.343" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.333" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.329" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.326" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.324" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.268" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.261" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.255" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.252" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.241" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.232" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.209" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.204" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.203" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.194" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.161" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.160" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.143" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "17.0.0.188" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "17.0.0.169" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "17.0.0.134" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.305" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.296" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.291" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.287" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.257" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "16.0.0.234" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.246" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.242" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.239" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.189" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "15.0.0.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "14.0.0.145" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "14.0.0.125" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.309" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.302" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.296" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.292" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.289" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.281" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.277" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.269" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.264" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.260" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.258" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.250" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.244" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.241" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.231" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.206" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "13.0.0.201" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.0.0.77" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.0.0.44" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.0.0.43" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.0.0.41" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12.0.0.38" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.9.900.170" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.9.900.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.9.900.117" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.8.800.97" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.8.800.94" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.8.800.170" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.8.800.168" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.279" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.272" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.269" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.261" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.260" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.257" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.252" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.242" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.225" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.224" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.203" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.7.700.202" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.6.602.180" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.6.602.171" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.6.602.168" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.6.602.167" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502.149" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502.146" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502.136" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502.135" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.5.502.110" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.4.402.287" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.4.402.278" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.4.402.265" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.378.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.31.230" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.3.300.273" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.626" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.621" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.616" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.577" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.569" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.559" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.554" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.548" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.540" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.535" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.521" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.508" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.491" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.481" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.468" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.466" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.460" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.457" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.451" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.442" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.440" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.438" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.429" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.424" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.411" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.406" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.394" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.378" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.356" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.336" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.335" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.332" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.327" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.310" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.291" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.285" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.275" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.273" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.270" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.261" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.258" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.251" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.243" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.238" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.81" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.59" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.58" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.48" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.11" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.73" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.54" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.44" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.59" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.153" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.86" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.75" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.68" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.67" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.50" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.48" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.43" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.29" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.20" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.19" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.15" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.11" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.17" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.2.54" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" }, { "model": "flash player", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "22.0.0.209" }, { "model": "flash player", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "18.0.0.366" }, { "model": "flash player", "scope": "ne", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.632" } ], "sources": [ { "db": "BID", "id": "91725" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.360", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "cpe_name": [], "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "cpe_name": [], "versionEndIncluding": "22.0.0.192", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "cpe_name": [], "versionEndIncluding": "22.0.0.192", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.626", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-4244" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "willJ of Tencent PC Manager, S\u00e9bastien Morin of COSIG, Yuki Chen of Qihoo 360 Vulcan Team, Wen Guanxing from Pangu LAB, and Jie Zeng of Tencent Zhanlu Lab.", "sources": [ { "db": "BID", "id": "91725" } ], "trust": 0.3 }, "cve": "CVE-2016-4244", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2016-4244", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-93063", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2016-4244", "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2016-4244", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-4244", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2016-4244", "trust": 0.8, "value": "Critical" }, { "author": "CNNVD", "id": "CNNVD-201607-301", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-93063", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2016-4244", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-93063" }, { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246. \nAttackers can exploit these issues to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.632\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-4217\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4217\n[ 2 ] CVE-2016-4217\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4217\n[ 3 ] CVE-2016-4218\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4218\n[ 4 ] CVE-2016-4218\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4218\n[ 5 ] CVE-2016-4219\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4219\n[ 6 ] CVE-2016-4219\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4219\n[ 7 ] CVE-2016-4220\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4220\n[ 8 ] CVE-2016-4220\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4220\n[ 9 ] CVE-2016-4221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4221\n[ 10 ] CVE-2016-4221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4221\n[ 11 ] CVE-2016-4222\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4222\n[ 12 ] CVE-2016-4222\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4222\n[ 13 ] CVE-2016-4223\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4223\n[ 14 ] CVE-2016-4223\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4223\n[ 15 ] CVE-2016-4224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4224\n[ 16 ] CVE-2016-4224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4224\n[ 17 ] CVE-2016-4225\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4225\n[ 18 ] CVE-2016-4225\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4225\n[ 19 ] CVE-2016-4226\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4226\n[ 20 ] CVE-2016-4226\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4226\n[ 21 ] CVE-2016-4227\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4227\n[ 22 ] CVE-2016-4227\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4227\n[ 23 ] CVE-2016-4228\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4228\n[ 24 ] CVE-2016-4228\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4228\n[ 25 ] CVE-2016-4229\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4229\n[ 26 ] CVE-2016-4229\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4229\n[ 27 ] CVE-2016-4230\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4230\n[ 28 ] CVE-2016-4230\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4230\n[ 29 ] CVE-2016-4231\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4231\n[ 30 ] CVE-2016-4231\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4231\n[ 31 ] CVE-2016-4232\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4232\n[ 32 ] CVE-2016-4232\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4232\n[ 33 ] CVE-2016-4233\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4233\n[ 34 ] CVE-2016-4233\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4233\n[ 35 ] CVE-2016-4234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4234\n[ 36 ] CVE-2016-4234\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4234\n[ 37 ] CVE-2016-4235\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4235\n[ 38 ] CVE-2016-4235\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4235\n[ 39 ] CVE-2016-4236\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4236\n[ 40 ] CVE-2016-4236\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4236\n[ 41 ] CVE-2016-4237\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4237\n[ 42 ] CVE-2016-4237\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4237\n[ 43 ] CVE-2016-4238\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4238\n[ 44 ] CVE-2016-4238\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4238\n[ 45 ] CVE-2016-4239\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4239\n[ 46 ] CVE-2016-4239\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4239\n[ 47 ] CVE-2016-4240\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4240\n[ 48 ] CVE-2016-4240\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4240\n[ 49 ] CVE-2016-4241\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4241\n[ 50 ] CVE-2016-4241\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4241\n[ 51 ] CVE-2016-4242\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4242\n[ 52 ] CVE-2016-4242\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4242\n[ 53 ] CVE-2016-4243\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4243\n[ 54 ] CVE-2016-4243\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4243\n[ 55 ] CVE-2016-4244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4244\n[ 56 ] CVE-2016-4244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4244\n[ 57 ] CVE-2016-4245\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4245\n[ 58 ] CVE-2016-4245\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4245\n[ 59 ] CVE-2016-4246\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4246\n[ 60 ] CVE-2016-4246\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4246\n[ 61 ] CVE-2016-4247\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4247\n[ 62 ] CVE-2016-4247\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4247\n[ 63 ] CVE-2016-4248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4248\n[ 64 ] CVE-2016-4248\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4248\n[ 65 ] CVE-2016-4249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4249\n[ 66 ] CVE-2016-4249\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201607-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:1423-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://access.redhat.com/errata/RHSA-2016:1423\nIssue date: 2016-07-13\nCVE Names: CVE-2016-4172 CVE-2016-4173 CVE-2016-4174 \n CVE-2016-4175 CVE-2016-4176 CVE-2016-4177 \n CVE-2016-4178 CVE-2016-4179 CVE-2016-4180 \n CVE-2016-4181 CVE-2016-4182 CVE-2016-4183 \n CVE-2016-4184 CVE-2016-4185 CVE-2016-4186 \n CVE-2016-4187 CVE-2016-4188 CVE-2016-4189 \n CVE-2016-4190 CVE-2016-4217 CVE-2016-4218 \n CVE-2016-4219 CVE-2016-4220 CVE-2016-4221 \n CVE-2016-4222 CVE-2016-4223 CVE-2016-4224 \n CVE-2016-4225 CVE-2016-4226 CVE-2016-4227 \n CVE-2016-4228 CVE-2016-4229 CVE-2016-4230 \n CVE-2016-4231 CVE-2016-4232 CVE-2016-4233 \n CVE-2016-4234 CVE-2016-4235 CVE-2016-4236 \n CVE-2016-4237 CVE-2016-4238 CVE-2016-4239 \n CVE-2016-4240 CVE-2016-4241 CVE-2016-4242 \n CVE-2016-4243 CVE-2016-4244 CVE-2016-4245 \n CVE-2016-4246 CVE-2016-4247 CVE-2016-4248 \n CVE-2016-4249 \n=====================================================================\n\n1. Summary:\n\nAn update for flash-plugin is now available for Red Hat Enterprise Linux 5\nSupplementary and Red Hat Enterprise Linux 6 Supplementary. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n\nThis update upgrades Flash Player to version 11.2.202.632. These\nvulnerabilities, detailed in the Adobe Security Bulletin listed in the\nReferences section, could allow an attacker to create a specially crafted\nSWF file that would cause flash-plugin to crash, execute arbitrary code, or\ndisclose sensitive information when the victim loaded a page containing the\nmalicious SWF content. (CVE-2016-4172, CVE-2016-4173, CVE-2016-4174,\nCVE-2016-4175, CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179,\nCVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184,\nCVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189,\nCVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220,\nCVE-2016-4221, CVE-2016-4222, CVE-2016-4223, CVE-2016-4224, CVE-2016-4225,\nCVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230,\nCVE-2016-4231, CVE-2016-4232, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235,\nCVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240,\nCVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245,\nCVE-2016-4246, CVE-2016-4247, CVE-2016-4248, CVE-2016-4249)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1355971 - flash-plugin: multiple code execution issues fixed in APSB16-25\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.632-1.el5_11.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.632-1.el5_11.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.632-1.el5_11.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.632-1.el5_11.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.632-1.el6_8.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-4172\nhttps://access.redhat.com/security/cve/CVE-2016-4173\nhttps://access.redhat.com/security/cve/CVE-2016-4174\nhttps://access.redhat.com/security/cve/CVE-2016-4175\nhttps://access.redhat.com/security/cve/CVE-2016-4176\nhttps://access.redhat.com/security/cve/CVE-2016-4177\nhttps://access.redhat.com/security/cve/CVE-2016-4178\nhttps://access.redhat.com/security/cve/CVE-2016-4179\nhttps://access.redhat.com/security/cve/CVE-2016-4180\nhttps://access.redhat.com/security/cve/CVE-2016-4181\nhttps://access.redhat.com/security/cve/CVE-2016-4182\nhttps://access.redhat.com/security/cve/CVE-2016-4183\nhttps://access.redhat.com/security/cve/CVE-2016-4184\nhttps://access.redhat.com/security/cve/CVE-2016-4185\nhttps://access.redhat.com/security/cve/CVE-2016-4186\nhttps://access.redhat.com/security/cve/CVE-2016-4187\nhttps://access.redhat.com/security/cve/CVE-2016-4188\nhttps://access.redhat.com/security/cve/CVE-2016-4189\nhttps://access.redhat.com/security/cve/CVE-2016-4190\nhttps://access.redhat.com/security/cve/CVE-2016-4217\nhttps://access.redhat.com/security/cve/CVE-2016-4218\nhttps://access.redhat.com/security/cve/CVE-2016-4219\nhttps://access.redhat.com/security/cve/CVE-2016-4220\nhttps://access.redhat.com/security/cve/CVE-2016-4221\nhttps://access.redhat.com/security/cve/CVE-2016-4222\nhttps://access.redhat.com/security/cve/CVE-2016-4223\nhttps://access.redhat.com/security/cve/CVE-2016-4224\nhttps://access.redhat.com/security/cve/CVE-2016-4225\nhttps://access.redhat.com/security/cve/CVE-2016-4226\nhttps://access.redhat.com/security/cve/CVE-2016-4227\nhttps://access.redhat.com/security/cve/CVE-2016-4228\nhttps://access.redhat.com/security/cve/CVE-2016-4229\nhttps://access.redhat.com/security/cve/CVE-2016-4230\nhttps://access.redhat.com/security/cve/CVE-2016-4231\nhttps://access.redhat.com/security/cve/CVE-2016-4232\nhttps://access.redhat.com/security/cve/CVE-2016-4233\nhttps://access.redhat.com/security/cve/CVE-2016-4234\nhttps://access.redhat.com/security/cve/CVE-2016-4235\nhttps://access.redhat.com/security/cve/CVE-2016-4236\nhttps://access.redhat.com/security/cve/CVE-2016-4237\nhttps://access.redhat.com/security/cve/CVE-2016-4238\nhttps://access.redhat.com/security/cve/CVE-2016-4239\nhttps://access.redhat.com/security/cve/CVE-2016-4240\nhttps://access.redhat.com/security/cve/CVE-2016-4241\nhttps://access.redhat.com/security/cve/CVE-2016-4242\nhttps://access.redhat.com/security/cve/CVE-2016-4243\nhttps://access.redhat.com/security/cve/CVE-2016-4244\nhttps://access.redhat.com/security/cve/CVE-2016-4245\nhttps://access.redhat.com/security/cve/CVE-2016-4246\nhttps://access.redhat.com/security/cve/CVE-2016-4247\nhttps://access.redhat.com/security/cve/CVE-2016-4248\nhttps://access.redhat.com/security/cve/CVE-2016-4249\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-25.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXho6cXlSAg2UNWIIRAp9tAKCwWeHDwGxx4MZRSsZtYsaP7bf+8ACcCmVr\n3PPWGTqHtaFvIBLqaCpxcMk=\n=uyDE\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "BID", "id": "91725" }, { "db": "VULHUB", "id": "VHN-93063" }, { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "PACKETSTORM", "id": "137897" }, { "db": "PACKETSTORM", "id": "137898" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-4244", "trust": 3.1 }, { "db": "BID", "id": "91725", "trust": 2.1 }, { "db": "SECTRACK", "id": "1036280", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2016-003687", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201607-301", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-93063", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2016-4244", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137897", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137898", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-93063" }, { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "BID", "id": "91725" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "PACKETSTORM", "id": "137897" }, { "db": "PACKETSTORM", "id": "137898" }, { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "id": "VAR-201607-0519", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-93063" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:05:29.496000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB16-25", "trust": 0.8, "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "title": "APSB16-25", "trust": 0.8, "url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb16-25.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Chrome Releases", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/" }, { "title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b", "trust": 0.8, "url": "https://support.google.com/chrome/answer/95414?hl=ja" }, { "title": "MS16-093", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/ms16-093.aspx" }, { "title": "MS16-093", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/ms16-093.aspx" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20160714f.html" }, { "title": "Adobe Flash Player Security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=62884" }, { "title": "Red Hat: CVE-2016-4244", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-4244" }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4245 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4181 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4246 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4184 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4180 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4182 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4188 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4244 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4185 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4238 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4186 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4221 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4239 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4187 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4234 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4235 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4237 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4236 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4240 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4233 " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2016-4183 " }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " }, { "title": "BleepingComputer", "trust": 0.1, "url": "https://www.bleepingcomputer.com/news/security/adobe-releases-updates-that-resolve-83-security-vulnerabilities/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-119", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-93063" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "NVD", "id": "CVE-2016-4244" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" }, { "trust": 1.9, "url": "https://security.gentoo.org/glsa/201607-03" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2016:1423" }, { "trust": 1.8, "url": "http://www.securityfocus.com/bid/91725" }, { "trust": 1.8, "url": "http://www.securitytracker.com/id/1036280" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4244" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20160713-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2016/at160029.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4244" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18710" }, { "trust": 0.3, "url": "https://www.adobe.com/software/flash/about/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-4244" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4223" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4221" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4219" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4224" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4222" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4218" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4225" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4220" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4217" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/787.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4237" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4221" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4224" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4228" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4240" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4236" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4242" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4223" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4219" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4233" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4234" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4234" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4218" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4238" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4220" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4245" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4232" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4230" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4238" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4235" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4231" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4249" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4247" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4225" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4226" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4229" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4217" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4242" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4233" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4239" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4243" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4240" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4228" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4244" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4230" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4231" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4232" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4229" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4241" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4227" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4237" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4236" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4244" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4226" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4227" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4235" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4248" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4241" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4246" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4239" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4243" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4236" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4241" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4173" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4223" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4187" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4187" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4220" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4181" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4239" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4177" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4242" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4189" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4218" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4233" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4227" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4238" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4173" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4245" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4217" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4186" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4180" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4249" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4231" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4172" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4230" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4186" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4248" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4226" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4174" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4221" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4225" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4175" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4177" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4243" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4180" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4182" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4224" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4178" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4246" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4234" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4190" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4188" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4219" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4229" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4182" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4183" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4176" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4232" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4172" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4240" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4185" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4179" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4188" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4228" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4247" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4179" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4175" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4178" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4183" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4174" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4184" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4190" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4185" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4235" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4176" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4181" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4184" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4189" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4237" } ], "sources": [ { "db": "VULHUB", "id": "VHN-93063" }, { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "BID", "id": "91725" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "PACKETSTORM", "id": "137897" }, { "db": "PACKETSTORM", "id": "137898" }, { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-93063" }, { "db": "VULMON", "id": "CVE-2016-4244" }, { "db": "BID", "id": "91725" }, { "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "db": "PACKETSTORM", "id": "137897" }, { "db": "PACKETSTORM", "id": "137898" }, { "db": "NVD", "id": "CVE-2016-4244" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-07-13T00:00:00", "db": "VULHUB", "id": "VHN-93063" }, { "date": "2016-07-13T00:00:00", "db": "VULMON", "id": "CVE-2016-4244" }, { "date": "2016-07-12T00:00:00", "db": "BID", "id": "91725" }, { "date": "2016-07-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "date": "2016-07-13T23:48:07", "db": "PACKETSTORM", "id": "137897" }, { "date": "2016-07-13T23:48:58", "db": "PACKETSTORM", "id": "137898" }, { "date": "2016-07-13T02:00:50.517000", "db": "NVD", "id": "CVE-2016-4244" }, { "date": "2016-07-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-25T00:00:00", "db": "VULHUB", "id": "VHN-93063" }, { "date": "2023-01-25T00:00:00", "db": "VULMON", "id": "CVE-2016-4244" }, { "date": "2016-07-12T00:00:00", "db": "BID", "id": "91725" }, { "date": "2016-07-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003687" }, { "date": "2023-01-25T03:40:05.533000", "db": "NVD", "id": "CVE-2016-4244" }, { "date": "2023-01-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201607-301" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "137897" }, { "db": "CNNVD", "id": "CNNVD-201607-301" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003687" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201607-301" } ], "trust": 0.6 } }
var-201602-0341
Vulnerability from variot
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability is CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 This is a different vulnerability.Arbitrary code execution or denial of service by an attacker ( Memory corruption ) May be in a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK & Compiler 20.0 .0.233 and earlier.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v "www-plugins/adobe-flash-11.2.202.577"
References
[ 1 ] CVE-2016-0960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960 [ 2 ] CVE-2016-0961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961 [ 3 ] CVE-2016-0962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962 [ 4 ] CVE-2016-0963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963 [ 5 ] CVE-2016-0964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964 [ 6 ] CVE-2016-0965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965 [ 7 ] CVE-2016-0966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966 [ 8 ] CVE-2016-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967 [ 9 ] CVE-2016-0968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968 [ 10 ] CVE-2016-0969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969 [ 11 ] CVE-2016-0970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970 [ 12 ] CVE-2016-0971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971 [ 13 ] CVE-2016-0972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972 [ 14 ] CVE-2016-0973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973 [ 15 ] CVE-2016-0974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974 [ 16 ] CVE-2016-0975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975 [ 17 ] CVE-2016-0976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976 [ 18 ] CVE-2016-0977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977 [ 19 ] CVE-2016-0978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978 [ 20 ] CVE-2016-0979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979 [ 21 ] CVE-2016-0980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980 [ 22 ] CVE-2016-0981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981 [ 23 ] CVE-2016-0982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982 [ 24 ] CVE-2016-0983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983 [ 25 ] CVE-2016-0984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984 [ 26 ] CVE-2016-0985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985 [ 27 ] CVE-2016-0986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986 [ 28 ] CVE-2016-0987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987 [ 29 ] CVE-2016-0988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988 [ 30 ] CVE-2016-0989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989 [ 31 ] CVE-2016-0990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990 [ 32 ] CVE-2016-0991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991 [ 33 ] CVE-2016-0992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992 [ 34 ] CVE-2016-0993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993 [ 35 ] CVE-2016-0994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994 [ 36 ] CVE-2016-0995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995 [ 37 ] CVE-2016-0996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996 [ 38 ] CVE-2016-0997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997 [ 39 ] CVE-2016-0998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998 [ 40 ] CVE-2016-0999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999 [ 41 ] CVE-2016-1000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000 [ 42 ] CVE-2016-1001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001 [ 43 ] CVE-2016-1002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002 [ 44 ] CVE-2016-1005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005 [ 45 ] CVE-2016-1010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:0166-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html Issue date: 2016-02-10 CVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.569.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.569-1.el5.i386.rpm
x86_64: flash-plugin-11.2.202.569-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.569-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0964 https://access.redhat.com/security/cve/CVE-2016-0965 https://access.redhat.com/security/cve/CVE-2016-0966 https://access.redhat.com/security/cve/CVE-2016-0967 https://access.redhat.com/security/cve/CVE-2016-0968 https://access.redhat.com/security/cve/CVE-2016-0969 https://access.redhat.com/security/cve/CVE-2016-0970 https://access.redhat.com/security/cve/CVE-2016-0971 https://access.redhat.com/security/cve/CVE-2016-0972 https://access.redhat.com/security/cve/CVE-2016-0973 https://access.redhat.com/security/cve/CVE-2016-0974 https://access.redhat.com/security/cve/CVE-2016-0975 https://access.redhat.com/security/cve/CVE-2016-0976 https://access.redhat.com/security/cve/CVE-2016-0977 https://access.redhat.com/security/cve/CVE-2016-0978 https://access.redhat.com/security/cve/CVE-2016-0979 https://access.redhat.com/security/cve/CVE-2016-0980 https://access.redhat.com/security/cve/CVE-2016-0981 https://access.redhat.com/security/cve/CVE-2016-0982 https://access.redhat.com/security/cve/CVE-2016-0983 https://access.redhat.com/security/cve/CVE-2016-0984 https://access.redhat.com/security/cve/CVE-2016-0985 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a BqfeXKQ7gO6znLLAPjMjwBk= =bzir -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201602-0341", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.326" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.272" }, { "model": "air sdk", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.233" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.286" }, { "model": "flash player desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.286" }, { "model": "air desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.233" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.559" }, { "model": "air sdk \\\u0026 compiler", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "20.0.0.233" }, { "model": "chrome", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 20.0.0.260 (windows/macintosh)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.260 (windows/macintosh/android/ios)" }, { "model": "air sdk \u0026 compiler", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.260 (windows/macintosh/android/ios)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.569 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.306 (windows 10 edition microsoft edge/internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.306 (windows 8.1 edition internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "20.0.0.306 (windows/macintosh/linux/chromeos edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 20.0.0.306 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.329 (windows/macintosh)" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for x64-based systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows rt 8.1", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "none" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "r2" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.286" }, { "model": "air sdk \\\\\\\u0026 compiler", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.233" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.245" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.207" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.326" }, { "model": "air sdk", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.233" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.228" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "11.2.202.559" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.226" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "20.0.0.235" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.559", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.326", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.286", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.272", "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "20.0.0.233", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-0970" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gentoo", "sources": [ { "db": "PACKETSTORM", "id": "136202" } ], "trust": 0.1 }, "cve": "CVE-2016-0970", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2016-0970", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-88480", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2016-0970", "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-0970", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201602-228", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-88480", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2016-0970", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-88480" }, { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK \u0026 Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981. This vulnerability is CVE-2016-0964 , CVE-2016-0965 , CVE-2016-0966 , CVE-2016-0967 , CVE-2016-0968 , CVE-2016-0969 , CVE-2016-0972 , CVE-2016-0976 , CVE-2016-0977 , CVE-2016-0978 , CVE-2016-0979 , CVE-2016-0980 ,and CVE-2016-0981 This is a different vulnerability.Arbitrary code execution or denial of service by an attacker ( Memory corruption ) May be in a state. Security flaws exist in several Adobe products. The following products and versions are affected: Adobe Flash Player Desktop Runtime 20.0.0.286 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.326 and earlier versions, AIR Desktop Runtime 20.0.0.233 and earlier versions, based on Windows , Macintosh, Linux, and ChromeOS platforms Adobe Flash Player for Google Chrome 20.0.0.286 and earlier versions, Windows 10-based Adobe Flash Player for Microsoft Edge and Internet Explorer 11 20.0.0.272 and earlier versions, Windows 8.1-based Adobe Flash Player for Internet Explorer 11 20.0.0.272 and earlier versions, Adobe Flash Player 11.2.202.559 and earlier versions based on Linux platforms, AIR SDK 20.0.0.233 and earlier versions based on Windows, Macintosh, Android and iOS platforms, AIR SDK \u0026 Compiler 20.0 .0.233 and earlier. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \nPlease review the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker could possibly execute arbitrary code with the\nprivileges of the process, cause a Denial of Service condition, obtain\nsensitive information, or bypass security restrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"www-plugins/adobe-flash-11.2.202.577\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-0960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0960\n[ 2 ] CVE-2016-0961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0961\n[ 3 ] CVE-2016-0962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0962\n[ 4 ] CVE-2016-0963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0963\n[ 5 ] CVE-2016-0964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0964\n[ 6 ] CVE-2016-0965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0965\n[ 7 ] CVE-2016-0966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0966\n[ 8 ] CVE-2016-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0967\n[ 9 ] CVE-2016-0968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0968\n[ 10 ] CVE-2016-0969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0969\n[ 11 ] CVE-2016-0970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0970\n[ 12 ] CVE-2016-0971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0971\n[ 13 ] CVE-2016-0972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0972\n[ 14 ] CVE-2016-0973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0973\n[ 15 ] CVE-2016-0974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0974\n[ 16 ] CVE-2016-0975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0975\n[ 17 ] CVE-2016-0976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0976\n[ 18 ] CVE-2016-0977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0977\n[ 19 ] CVE-2016-0978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0978\n[ 20 ] CVE-2016-0979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0979\n[ 21 ] CVE-2016-0980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0980\n[ 22 ] CVE-2016-0981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0981\n[ 23 ] CVE-2016-0982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0982\n[ 24 ] CVE-2016-0983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0983\n[ 25 ] CVE-2016-0984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0984\n[ 26 ] CVE-2016-0985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0985\n[ 27 ] CVE-2016-0986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0986\n[ 28 ] CVE-2016-0987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0987\n[ 29 ] CVE-2016-0988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0988\n[ 30 ] CVE-2016-0989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0989\n[ 31 ] CVE-2016-0990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0990\n[ 32 ] CVE-2016-0991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0991\n[ 33 ] CVE-2016-0992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0992\n[ 34 ] CVE-2016-0993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0993\n[ 35 ] CVE-2016-0994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0994\n[ 36 ] CVE-2016-0995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0995\n[ 37 ] CVE-2016-0996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0996\n[ 38 ] CVE-2016-0997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0997\n[ 39 ] CVE-2016-0998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0998\n[ 40 ] CVE-2016-0999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0999\n[ 41 ] CVE-2016-1000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1000\n[ 42 ] CVE-2016-1001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1001\n[ 43 ] CVE-2016-1002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1002\n[ 44 ] CVE-2016-1005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1005\n[ 45 ] CVE-2016-1010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1010\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201603-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:0166-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2016-0166.html\nIssue date: 2016-02-10\nCVE Names: CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 \n CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 \n CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 \n CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 \n CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 \n CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 \n CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 \n CVE-2016-0985 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities, detailed in the Adobe Security Bulletin APSB16-04 listed\nin the References section, could allow an attacker to create a specially\ncrafted SWF file that would cause flash-plugin to crash, execute arbitrary\ncode, or disclose sensitive information when the victim loaded a page\ncontaining the malicious SWF content. (CVE-2016-0964, CVE-2016-0965,\nCVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970,\nCVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,\nCVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980,\nCVE-2016-0981, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984, CVE-2016-0985)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 11.2.202.569. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1306015 - flash-plugin: multiple code execution issues fixed in APSB16-04\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.569-1.el6_7.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0964\nhttps://access.redhat.com/security/cve/CVE-2016-0965\nhttps://access.redhat.com/security/cve/CVE-2016-0966\nhttps://access.redhat.com/security/cve/CVE-2016-0967\nhttps://access.redhat.com/security/cve/CVE-2016-0968\nhttps://access.redhat.com/security/cve/CVE-2016-0969\nhttps://access.redhat.com/security/cve/CVE-2016-0970\nhttps://access.redhat.com/security/cve/CVE-2016-0971\nhttps://access.redhat.com/security/cve/CVE-2016-0972\nhttps://access.redhat.com/security/cve/CVE-2016-0973\nhttps://access.redhat.com/security/cve/CVE-2016-0974\nhttps://access.redhat.com/security/cve/CVE-2016-0975\nhttps://access.redhat.com/security/cve/CVE-2016-0976\nhttps://access.redhat.com/security/cve/CVE-2016-0977\nhttps://access.redhat.com/security/cve/CVE-2016-0978\nhttps://access.redhat.com/security/cve/CVE-2016-0979\nhttps://access.redhat.com/security/cve/CVE-2016-0980\nhttps://access.redhat.com/security/cve/CVE-2016-0981\nhttps://access.redhat.com/security/cve/CVE-2016-0982\nhttps://access.redhat.com/security/cve/CVE-2016-0983\nhttps://access.redhat.com/security/cve/CVE-2016-0984\nhttps://access.redhat.com/security/cve/CVE-2016-0985\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-04.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWu6e/XlSAg2UNWIIRAjmUAKCGpUXzgRVrT3PakYJ2DXND2WjYigCeN69a\nBqfeXKQ7gO6znLLAPjMjwBk=\n=bzir\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "VULHUB", "id": "VHN-88480" }, { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "PACKETSTORM", "id": "136202" }, { "db": "PACKETSTORM", "id": "135727" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-0970", "trust": 2.8 }, { "db": "SECTRACK", "id": "1034970", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2016-001429", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201602-228", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-88480", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2016-0970", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "136202", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "135727", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-88480" }, { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "PACKETSTORM", "id": "136202" }, { "db": "PACKETSTORM", "id": "135727" }, { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "id": "VAR-201602-0341", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-88480" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:06:08.287000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB16-04", "trust": 0.8, "url": "http://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "title": "APSB16-04", "trust": 0.8, "url": "http://helpx.adobe.com/jp/security/products/flash-player/apsb16-04.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Chrome Releases", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/" }, { "title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b", "trust": 0.8, "url": "https://support.google.com/chrome/answer/95414?hl=ja" }, { "title": "Security Update for Adobe Flash Player (3135782)", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/ms16-022.aspx" }, { "title": "Adobe Flash Player \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (3135782)", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/ms16-022.aspx" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20160212f.html" }, { "title": "Multiple Adobe Product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=60170" }, { "title": "Red Hat: CVE-2016-0970", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-0970" }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-119", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-88480" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "NVD", "id": "CVE-2016-0970" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" }, { "trust": 1.9, "url": "https://security.gentoo.org/glsa/201603-07" }, { "trust": 1.9, "url": "http://rhn.redhat.com/errata/rhsa-2016-0166.html" }, { "trust": 1.8, "url": "http://www.securitytracker.com/id/1034970" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0970" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20160210-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2016/at160008.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0970" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17700" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-0970" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0964" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0973" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0979" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0976" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0984" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0966" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0972" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0975" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0983" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0977" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0969" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0970" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0982" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0965" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0967" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0985" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0980" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0968" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0981" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0978" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0974" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0971" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/787.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0974" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0967" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0987" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0993" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1000" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0995" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0963" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0996" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0962" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0986" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0983" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0973" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0968" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1010" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0991" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0984" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0987" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1001" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0972" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0988" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1002" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1005" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0965" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0961" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0976" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0961" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0979" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0985" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0998" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0999" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0992" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0982" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0960" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0963" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0966" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0975" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0964" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0981" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0990" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0971" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0969" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0960" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0978" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0997" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0970" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0962" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0989" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0986" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0977" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0994" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-0980" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0983" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0976" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0967" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0977" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0978" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0979" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0985" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0984" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0971" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0972" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0966" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0969" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0968" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0982" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0964" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0973" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0974" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0981" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0965" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0975" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-0980" } ], "sources": [ { "db": "VULHUB", "id": "VHN-88480" }, { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "PACKETSTORM", "id": "136202" }, { "db": "PACKETSTORM", "id": "135727" }, { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-88480" }, { "db": "VULMON", "id": "CVE-2016-0970" }, { "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "db": "PACKETSTORM", "id": "136202" }, { "db": "PACKETSTORM", "id": "135727" }, { "db": "NVD", "id": "CVE-2016-0970" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-02-10T00:00:00", "db": "VULHUB", "id": "VHN-88480" }, { "date": "2016-02-10T00:00:00", "db": "VULMON", "id": "CVE-2016-0970" }, { "date": "2016-02-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "date": "2016-03-14T14:50:59", "db": "PACKETSTORM", "id": "136202" }, { "date": "2016-02-11T17:41:19", "db": "PACKETSTORM", "id": "135727" }, { "date": "2016-02-10T20:59:17.827000", "db": "NVD", "id": "CVE-2016-0970" }, { "date": "2016-02-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-01-30T00:00:00", "db": "VULHUB", "id": "VHN-88480" }, { "date": "2023-01-30T00:00:00", "db": "VULMON", "id": "CVE-2016-0970" }, { "date": "2016-02-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-001429" }, { "date": "2023-01-30T17:59:23.660000", "db": "NVD", "id": "CVE-2016-0970" }, { "date": "2023-02-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201602-228" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "136202" }, { "db": "CNNVD", "id": "CNNVD-201602-228" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adobe Flash Player and Adobe AIR Vulnerabilities in arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-001429" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201602-228" } ], "trust": 0.6 } }
var-201606-0497
Vulnerability from variot
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. This case MS16-083 This is a different vulnerability than the other vulnerabilities listed on the list.It may be affected unspecified. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The former is the default browser included with operating systems prior to Windows 10; the latter is the default browser included with Windows 10, the latest operating system. in the United States. The former is a multimedia player product library; the latter is a cross-platform, browser-based multimedia player product. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:1238-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2016:1238 Issue date: 2016-06-17 CVE Names: CVE-2016-4122 CVE-2016-4123 CVE-2016-4124 CVE-2016-4125 CVE-2016-4127 CVE-2016-4128 CVE-2016-4129 CVE-2016-4130 CVE-2016-4131 CVE-2016-4132 CVE-2016-4133 CVE-2016-4134 CVE-2016-4135 CVE-2016-4136 CVE-2016-4137 CVE-2016-4138 CVE-2016-4139 CVE-2016-4140 CVE-2016-4141 CVE-2016-4142 CVE-2016-4143 CVE-2016-4144 CVE-2016-4145 CVE-2016-4146 CVE-2016-4147 CVE-2016-4148 CVE-2016-4149 CVE-2016-4150 CVE-2016-4151 CVE-2016-4152 CVE-2016-4153 CVE-2016-4154 CVE-2016-4155 CVE-2016-4156 CVE-2016-4166 CVE-2016-4171 =====================================================================
- Summary:
An update for flash-plugin is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
This update upgrades Flash Player to version 11.2.202.626. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4135, CVE-2016-4136, CVE-2016-4137, CVE-2016-4138, CVE-2016-4139, CVE-2016-4140, CVE-2016-4141, CVE-2016-4142, CVE-2016-4143, CVE-2016-4144, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1346665 - flash-plugin: multiple code execution issues fixed in APSB16-18
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: flash-plugin-11.2.202.626-1.el5_11.i386.rpm
x86_64: flash-plugin-11.2.202.626-1.el5_11.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: flash-plugin-11.2.202.626-1.el5_11.i386.rpm
x86_64: flash-plugin-11.2.202.626-1.el5_11.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
x86_64: flash-plugin-11.2.202.626-1.el6_8.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-4122 https://access.redhat.com/security/cve/CVE-2016-4123 https://access.redhat.com/security/cve/CVE-2016-4124 https://access.redhat.com/security/cve/CVE-2016-4125 https://access.redhat.com/security/cve/CVE-2016-4127 https://access.redhat.com/security/cve/CVE-2016-4128 https://access.redhat.com/security/cve/CVE-2016-4129 https://access.redhat.com/security/cve/CVE-2016-4130 https://access.redhat.com/security/cve/CVE-2016-4131 https://access.redhat.com/security/cve/CVE-2016-4132 https://access.redhat.com/security/cve/CVE-2016-4133 https://access.redhat.com/security/cve/CVE-2016-4134 https://access.redhat.com/security/cve/CVE-2016-4135 https://access.redhat.com/security/cve/CVE-2016-4136 https://access.redhat.com/security/cve/CVE-2016-4137 https://access.redhat.com/security/cve/CVE-2016-4138 https://access.redhat.com/security/cve/CVE-2016-4139 https://access.redhat.com/security/cve/CVE-2016-4140 https://access.redhat.com/security/cve/CVE-2016-4141 https://access.redhat.com/security/cve/CVE-2016-4142 https://access.redhat.com/security/cve/CVE-2016-4143 https://access.redhat.com/security/cve/CVE-2016-4144 https://access.redhat.com/security/cve/CVE-2016-4145 https://access.redhat.com/security/cve/CVE-2016-4146 https://access.redhat.com/security/cve/CVE-2016-4147 https://access.redhat.com/security/cve/CVE-2016-4148 https://access.redhat.com/security/cve/CVE-2016-4149 https://access.redhat.com/security/cve/CVE-2016-4150 https://access.redhat.com/security/cve/CVE-2016-4151 https://access.redhat.com/security/cve/CVE-2016-4152 https://access.redhat.com/security/cve/CVE-2016-4153 https://access.redhat.com/security/cve/CVE-2016-4154 https://access.redhat.com/security/cve/CVE-2016-4155 https://access.redhat.com/security/cve/CVE-2016-4156 https://access.redhat.com/security/cve/CVE-2016-4166 https://access.redhat.com/security/cve/CVE-2016-4171 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-18.html https://helpx.adobe.com/security/products/flash-player/apsa16-03.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXY7HIXlSAg2UNWIIRAmytAJ9KBVDAyt7RbmNznJhC6uA9WwA6tACfSNyo /QNQeCm3xe5AByAOnb1Veh0= =5kdV -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0497", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "13.1" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.621" }, { "model": "flash player", "scope": "eq", "trust": 1.0, "vendor": "adobe", "version": null }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.352" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "21.0.0.242" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "12" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "13.2" }, { "model": "flash player desktop runtime", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "21.0.0.242" }, { "model": "linux enterprise workstation extension", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "12" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "chrome", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.626 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "22.0.0.192 (windows 10/8.1 edition microsoft edge/internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "22.0.0.192 (windows/macintosh/linux/chromeos edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 22.0.0.192 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.360 (windows/macintosh)" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for 32-bit systems" }, { "model": "windows 10", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "version 1511 for x64-based systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for 32-bit systems" }, { "model": "windows 8.1", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "for x64-based systems" }, { "model": "windows rt 8.1", "scope": null, "trust": 0.8, "vendor": "microsoft", "version": null }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "none" }, { "model": "windows server 2012", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "r2" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 i386" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 x86_64" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 i386" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 x86_64" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 i386" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 x86_64" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 i386" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 x86_64" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 i386" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 x86_64" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 i386" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "6 x86_64" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.352" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3218" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" } ], "sources": [ { "db": "BID", "id": "91250" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "cpe_name": [], "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "cpe_name": [], "versionEndIncluding": "21.0.0.242", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "cpe_name": [], "versionEndIncluding": "21.0.0.242", "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.621", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.352", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-4131" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "willJ of Tencent PC Manager, Aleksandar Nikolic of Cisco Talos, kelvinwang of Tencent PC Manager, Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero, LMX of the Qihoo 360 Codesafe Team and Wen Guanxing from Pangu LAB.", "sources": [ { "db": "BID", "id": "91250" } ], "trust": 0.3 }, "cve": "CVE-2016-4131", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2016-4131", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-92950", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2016-4131", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-4131", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201606-395", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-92950", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2016-4131", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-92950" }, { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. This case MS16-083 This is a different vulnerability than the other vulnerabilities listed on the list.It may be affected unspecified. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The former is the default browser included with operating systems prior to Windows 10; the latter is the default browser included with Windows 10, the latest operating system. in the United States. The former is a multimedia player product library; the latter is a cross-platform, browser-based multimedia player product. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: flash-plugin security update\nAdvisory ID: RHSA-2016:1238-01\nProduct: Red Hat Enterprise Linux Supplementary\nAdvisory URL: https://access.redhat.com/errata/RHSA-2016:1238\nIssue date: 2016-06-17\nCVE Names: CVE-2016-4122 CVE-2016-4123 CVE-2016-4124 \n CVE-2016-4125 CVE-2016-4127 CVE-2016-4128 \n CVE-2016-4129 CVE-2016-4130 CVE-2016-4131 \n CVE-2016-4132 CVE-2016-4133 CVE-2016-4134 \n CVE-2016-4135 CVE-2016-4136 CVE-2016-4137 \n CVE-2016-4138 CVE-2016-4139 CVE-2016-4140 \n CVE-2016-4141 CVE-2016-4142 CVE-2016-4143 \n CVE-2016-4144 CVE-2016-4145 CVE-2016-4146 \n CVE-2016-4147 CVE-2016-4148 CVE-2016-4149 \n CVE-2016-4150 CVE-2016-4151 CVE-2016-4152 \n CVE-2016-4153 CVE-2016-4154 CVE-2016-4155 \n CVE-2016-4156 CVE-2016-4166 CVE-2016-4171 \n=====================================================================\n\n1. Summary:\n\nAn update for flash-plugin is now available for Red Hat Enterprise Linux 5\nSupplementary and Red Hat Enterprise Linux 6 Supplementary. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. \n\nThis update upgrades Flash Player to version 11.2.202.626. These\nvulnerabilities, detailed in the Adobe Security Bulletin listed in the\nReferences section, could allow an attacker to create a specially crafted\nSWF file that would cause flash-plugin to crash, execute arbitrary code, or\ndisclose sensitive information when the victim loaded a page containing the\nmalicious SWF content. (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124,\nCVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130,\nCVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4135,\nCVE-2016-4136, CVE-2016-4137, CVE-2016-4138, CVE-2016-4139, CVE-2016-4140,\nCVE-2016-4141, CVE-2016-4142, CVE-2016-4143, CVE-2016-4144, CVE-2016-4145,\nCVE-2016-4146, CVE-2016-4147, CVE-2016-4148, CVE-2016-4149, CVE-2016-4150,\nCVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155,\nCVE-2016-4156, CVE-2016-4166, CVE-2016-4171)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1346665 - flash-plugin: multiple code execution issues fixed in APSB16-18\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.626-1.el5_11.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.626-1.el5_11.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.626-1.el5_11.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.626-1.el5_11.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.626-1.el6_8.i686.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-4122\nhttps://access.redhat.com/security/cve/CVE-2016-4123\nhttps://access.redhat.com/security/cve/CVE-2016-4124\nhttps://access.redhat.com/security/cve/CVE-2016-4125\nhttps://access.redhat.com/security/cve/CVE-2016-4127\nhttps://access.redhat.com/security/cve/CVE-2016-4128\nhttps://access.redhat.com/security/cve/CVE-2016-4129\nhttps://access.redhat.com/security/cve/CVE-2016-4130\nhttps://access.redhat.com/security/cve/CVE-2016-4131\nhttps://access.redhat.com/security/cve/CVE-2016-4132\nhttps://access.redhat.com/security/cve/CVE-2016-4133\nhttps://access.redhat.com/security/cve/CVE-2016-4134\nhttps://access.redhat.com/security/cve/CVE-2016-4135\nhttps://access.redhat.com/security/cve/CVE-2016-4136\nhttps://access.redhat.com/security/cve/CVE-2016-4137\nhttps://access.redhat.com/security/cve/CVE-2016-4138\nhttps://access.redhat.com/security/cve/CVE-2016-4139\nhttps://access.redhat.com/security/cve/CVE-2016-4140\nhttps://access.redhat.com/security/cve/CVE-2016-4141\nhttps://access.redhat.com/security/cve/CVE-2016-4142\nhttps://access.redhat.com/security/cve/CVE-2016-4143\nhttps://access.redhat.com/security/cve/CVE-2016-4144\nhttps://access.redhat.com/security/cve/CVE-2016-4145\nhttps://access.redhat.com/security/cve/CVE-2016-4146\nhttps://access.redhat.com/security/cve/CVE-2016-4147\nhttps://access.redhat.com/security/cve/CVE-2016-4148\nhttps://access.redhat.com/security/cve/CVE-2016-4149\nhttps://access.redhat.com/security/cve/CVE-2016-4150\nhttps://access.redhat.com/security/cve/CVE-2016-4151\nhttps://access.redhat.com/security/cve/CVE-2016-4152\nhttps://access.redhat.com/security/cve/CVE-2016-4153\nhttps://access.redhat.com/security/cve/CVE-2016-4154\nhttps://access.redhat.com/security/cve/CVE-2016-4155\nhttps://access.redhat.com/security/cve/CVE-2016-4156\nhttps://access.redhat.com/security/cve/CVE-2016-4166\nhttps://access.redhat.com/security/cve/CVE-2016-4171\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://helpx.adobe.com/security/products/flash-player/apsb16-18.html\nhttps://helpx.adobe.com/security/products/flash-player/apsa16-03.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXY7HIXlSAg2UNWIIRAmytAJ9KBVDAyt7RbmNznJhC6uA9WwA6tACfSNyo\n/QNQeCm3xe5AByAOnb1Veh0=\n=5kdV\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n", "sources": [ { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "BID", "id": "91250" }, { "db": "VULHUB", "id": "VHN-92950" }, { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "PACKETSTORM", "id": "137517" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-4131", "trust": 3.0 }, { "db": "SECTRACK", "id": "1036117", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2016-003242", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201606-395", "trust": 0.7 }, { "db": "BID", "id": "91250", "trust": 0.4 }, { "db": "VULHUB", "id": "VHN-92950", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2016-4131", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "137517", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-92950" }, { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "BID", "id": "91250" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "PACKETSTORM", "id": "137517" }, { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "id": "VAR-201606-0497", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-92950" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:05:36.771000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "APSB16-18", "trust": 0.8, "url": "http://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "title": "APSB16-18", "trust": 0.8, "url": "https://helpx.adobe.com/jp/security/products/flash-player/apsb16-18.html" }, { "title": "Google Chrome \u3092\u66f4\u65b0\u3059\u308b", "trust": 0.8, "url": "https://support.google.com/chrome/answer/95414?hl=ja" }, { "title": "Google Chrome", "trust": 0.8, "url": "https://www.google.com/intl/ja/chrome/browser/features.html" }, { "title": "Chrome Releases", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/" }, { "title": "MS16-083", "trust": 0.8, "url": "https://technet.microsoft.com/en-us/library/security/ms16-083.aspx" }, { "title": "RHSA-2016:1238", "trust": 0.8, "url": "https://access.redhat.com/errata/rhsa-2016:1238" }, { "title": "MS16-083", "trust": 0.8, "url": "https://technet.microsoft.com/ja-jp/library/security/ms16-083.aspx" }, { "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/adobe/20160620f.html" }, { "title": "Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62324" }, { "title": "Red Hat: CVE-2016-4131", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-4131" }, { "title": "CVE-Study", "trust": 0.1, "url": "https://github.com/thdusdl1219/cve-study " } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2016-4131" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2016:1238" }, { "trust": 1.8, "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" }, { "trust": 1.8, "url": "http://www.securitytracker.com/id/1036117" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4131" }, { "trust": 0.8, "url": "https://www.ipa.go.jp/security/ciadr/vul/20160615-adobeflashplayer.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2016/at160026.html" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4131" }, { "trust": 0.8, "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18592" }, { "trust": 0.3, "url": "http://www.adobe.com" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2016-4131" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.securityfocus.com/bid/91250" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4142" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4134" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4124" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4137" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4127" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4171" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4153" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4133" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4135" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4125" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4155" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4135" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4125" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4144" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4139" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4136" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4146" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4156" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4142" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4123" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4131" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4129" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4148" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4132" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4166" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4149" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4138" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4137" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4143" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4129" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4141" }, { "trust": 0.1, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4150" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4146" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4152" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4122" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4147" }, { "trust": 0.1, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4122" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4123" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4128" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4140" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4147" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4134" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4136" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4140" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4145" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4128" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4133" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4124" }, { "trust": 0.1, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4127" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4144" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4139" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4143" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4154" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4130" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4150" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4149" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4151" }, { "trust": 0.1, "url": "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4148" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4138" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4141" }, { "trust": 0.1, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4132" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-4130" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2016-4145" } ], "sources": [ { "db": "VULHUB", "id": "VHN-92950" }, { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "BID", "id": "91250" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "PACKETSTORM", "id": "137517" }, { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-92950" }, { "db": "VULMON", "id": "CVE-2016-4131" }, { "db": "BID", "id": "91250" }, { "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "db": "PACKETSTORM", "id": "137517" }, { "db": "NVD", "id": "CVE-2016-4131" }, { "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-06-16T00:00:00", "db": "VULHUB", "id": "VHN-92950" }, { "date": "2016-06-16T00:00:00", "db": "VULMON", "id": "CVE-2016-4131" }, { "date": "2016-06-16T00:00:00", "db": "BID", "id": "91250" }, { "date": "2016-06-20T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "date": "2016-06-17T23:50:16", "db": "PACKETSTORM", "id": "137517" }, { "date": "2016-06-16T14:59:12.417000", "db": "NVD", "id": "CVE-2016-4131" }, { "date": "2016-06-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-11-19T00:00:00", "db": "VULHUB", "id": "VHN-92950" }, { "date": "2021-11-19T00:00:00", "db": "VULMON", "id": "CVE-2016-4131" }, { "date": "2016-07-06T15:01:00", "db": "BID", "id": "91250" }, { "date": "2016-08-30T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003242" }, { "date": "2021-11-19T10:48:19.333000", "db": "NVD", "id": "CVE-2016-4131" }, { "date": "2021-09-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201606-395" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201606-395" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Microsoft Internet Explorer and Microsoft Edge of Adobe Flash Used in library Adobe Flash Player Vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003242" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201606-395" } ], "trust": 0.6 } }
var-201511-0281
Vulnerability from variot
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. This vulnerability CVE-2015-7651 , CVE-2015-7652 , CVE-2015-7653 , CVE-2015-7654 , CVE-2015-7656 , CVE-2015-7657 , CVE-2015-7658 , CVE-2015-7660 , CVE-2015-7661 , CVE-2015-7663 , CVE-2015-8042 , CVE-2015-8043 , CVE-2015-8044 ,and CVE-2015-8046 Is a different vulnerability. Supplementary information : CWE Vulnerability type by CWE-416: Use-after-free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlCrafted by attackers actionExtends Arbitrary code may be executed via the argument. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the actionExtends method. By manipulating the arguments passed to the actionExtends method, an attacker can force a dangling pointer to be reused after it has been freed. Failed exploit attempts will likely cause a denial-of-service condition. A use-after-free vulnerability exists in several Adobe products. The following versions are affected: Adobe Flash Player Desktop Runtime 19.0.0.226 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player Extended Support Release 18.0.0.255 and earlier versions, AIR Desktop Runtime 19.0.0.213 and earlier versions; based on Windows, Macintosh , Adobe Flash Player for Google Chrome 19.0.0.226 and earlier versions on Linux and ChromeOS platforms, Adobe Flash Player for Microsoft Edge and Internet Explorer 19.0.0.226 and earlier versions based on Windows 10 platforms, Adobe Flash Player based on Windows 8.0 and 8.1 platforms For Internet Explorer 10 and 11 19.0.0.226 and earlier versions, Adobe Flash Player for Linux 11.2.202.540 and earlier versions based on Linux platforms, AIR SDK 19.0.0.213 and earlier versions and AIR SDK based on Windows, Macintosh, Android and iOS platforms & Compiler 19.0.0.
Background
The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.548"
References
[ 1 ] CVE-2015-5569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5569 [ 2 ] CVE-2015-7625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7625 [ 3 ] CVE-2015-7626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7626 [ 4 ] CVE-2015-7627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7627 [ 5 ] CVE-2015-7628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7628 [ 6 ] CVE-2015-7629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7629 [ 7 ] CVE-2015-7630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7630 [ 8 ] CVE-2015-7631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7631 [ 9 ] CVE-2015-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7632 [ 10 ] CVE-2015-7633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7633 [ 11 ] CVE-2015-7634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7634 [ 12 ] CVE-2015-7643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7643 [ 13 ] CVE-2015-7644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7644 [ 14 ] CVE-2015-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7645 [ 15 ] CVE-2015-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7646 [ 16 ] CVE-2015-7647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7647 [ 17 ] CVE-2015-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7648 [ 18 ] CVE-2015-7651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7651 [ 19 ] CVE-2015-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7652 [ 20 ] CVE-2015-7653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7653 [ 21 ] CVE-2015-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7654 [ 22 ] CVE-2015-7655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7655 [ 23 ] CVE-2015-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7656 [ 24 ] CVE-2015-7657 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7657 [ 25 ] CVE-2015-7658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7658 [ 26 ] CVE-2015-7659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7659 [ 27 ] CVE-2015-7660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7660 [ 28 ] CVE-2015-7661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7661 [ 29 ] CVE-2015-7662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7662 [ 30 ] CVE-2015-7663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7663 [ 31 ] CVE-2015-8042 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8042 [ 32 ] CVE-2015-8043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8043 [ 33 ] CVE-2015-8044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8044 [ 34 ] CVE-2015-8046 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8046
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201511-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:2023-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2023.html Issue date: 2015-11-11 CVE Names: CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 =====================================================================
- Summary:
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-28 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661, CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046)
All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.548.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1280062 - flash-plugin: multiple code execution issues fixed in APSB15-28
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
x86_64: flash-plugin-11.2.202.548-1.el6_7.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-7651 https://access.redhat.com/security/cve/CVE-2015-7652 https://access.redhat.com/security/cve/CVE-2015-7653 https://access.redhat.com/security/cve/CVE-2015-7654 https://access.redhat.com/security/cve/CVE-2015-7655 https://access.redhat.com/security/cve/CVE-2015-7656 https://access.redhat.com/security/cve/CVE-2015-7657 https://access.redhat.com/security/cve/CVE-2015-7658 https://access.redhat.com/security/cve/CVE-2015-7659 https://access.redhat.com/security/cve/CVE-2015-7660 https://access.redhat.com/security/cve/CVE-2015-7661 https://access.redhat.com/security/cve/CVE-2015-7662 https://access.redhat.com/security/cve/CVE-2015-7663 https://access.redhat.com/security/cve/CVE-2015-8042 https://access.redhat.com/security/cve/CVE-2015-8043 https://access.redhat.com/security/cve/CVE-2015-8044 https://access.redhat.com/security/cve/CVE-2015-8046 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFWQyVTXlSAg2UNWIIRAvDjAJwKgOImEj7zcQ5I39hBWiMAxYluDACdF+vN A2xUVKrwMjMMezKi8h7ucP4= =2cUK -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201511-0281", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "19.0.0.226" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "19.0.0.207" }, { "model": "flash player", "scope": "eq", "trust": 1.6, "vendor": "adobe", "version": "19.0.0.185" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "11.2.202.540" }, { "model": "flash player", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "18.0.0.255" }, { "model": "air sdk", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "air", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.190" }, { "model": "air", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "air sdk \\\u0026 compiler", "scope": "lte", "trust": 1.0, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "chrome", "scope": "lt", "trust": 0.8, "vendor": "google", "version": "46.0.2490.82 (chrome os)" }, { "model": "chrome", "scope": "lt", "trust": 0.8, "vendor": "google", "version": "46.0.2490.86 (windows/macintosh/linux)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.241 (android)" }, { "model": "air", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 19.0.0.241 (windows/macintosh)" }, { "model": "air sdk", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.241 (windows/macintosh/android/ios)" }, { "model": "air sdk \u0026 compiler", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.241 (windows/macintosh/android/ios)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "11.2.202.548 (linux)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.225 (chrome os edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.245 (windows 10 edition microsoft edge/internet explorer 11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.245 (windows 8.0 and 8.1 edition internet explorer 10/11)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "19.0.0.245 (windows/macintosh/linux edition chrome)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "desktop runtime 19.0.0.245 (windows/macintosh)" }, { "model": "flash player", "scope": "lt", "trust": 0.8, "vendor": "adobe", "version": "continuous support release 18.0.0.261 (windows/macintosh)" }, { "model": "edge", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "(windows 10)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "10 (windows 8/windows server 2012/windows rt)" }, { "model": "internet explorer", "scope": "eq", "trust": 0.8, "vendor": "microsoft", "version": "11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)" }, { "model": "flash", "scope": null, "trust": 0.7, "vendor": "adobe", "version": null }, { "model": "air sdk \\\u0026 compiler", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "air sdk", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "air", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.190" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "11.2.202.540" }, { "model": "flash player", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "18.0.0.255" }, { "model": "air", "scope": "eq", "trust": 0.6, "vendor": "adobe", "version": "19.0.0.213" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.53.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.51.66" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.452" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.3218" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.22.87" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.15.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.36" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.12.35" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.2460" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.152.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.151.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.124.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.48.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.47.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.45.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.31.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.289.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.283.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.280" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.28.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.277.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.262.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.260.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.246.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.159.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.155.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9.0.115.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.35.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8.0.34.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.73.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.70.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.69.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.68.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.67.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.66.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.61.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.60.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.53.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.24.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.19.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7.0.14.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.79" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "6.0.21.0" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.235" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.233" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.229" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.2.202.223" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.115.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.112.61" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.9" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.111.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.63" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.62" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.55" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.1.102.228" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "11.0.1.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.186.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.185.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.7" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.5" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.4" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.183.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.26" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.23" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.22" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.3.181.14" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.159.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.157.51" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.156.12" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.28" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.27" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.25" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.24" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.154.13" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.153.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.33" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.32" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152.21" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.2.152" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.2" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.95.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.8" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.92.10" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.85.3" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.82.76" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.15" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.52.14.1" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.106.16" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.105.6" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.65" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.1.102.64" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.42.34" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10.0.32.18" }, { "model": "flash player", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "10" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.4" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.3" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9130" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3.9120" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.3" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.2" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2080" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.2.0.2070" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.1.0.4880" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "3.0" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1.1961" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.7" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19140" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6.19120" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.6" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.5.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2.12610" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "2.0.2" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.5" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.1" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.01" }, { "model": "air", "scope": "eq", "trust": 0.3, "vendor": "adobe", "version": "1.0" } ], "sources": [ { "db": "ZDI", "id": "ZDI-15-559" }, { "db": "BID", "id": "77533" }, { "db": "JVNDB", "id": "JVNDB-2015-005889" }, { "db": "NVD", "id": "CVE-2015-7655" }, { "db": "CNNVD", "id": "CNNVD-201511-175" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.190", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.2.202.540", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.213", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "19.0.0.213", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:19.0.0.207:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:19.0.0.185:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "18.0.0.255", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:adobe:flash_player:19.0.0.226:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23