gsd-2010-5298
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2010-5298",
"description": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.",
"id": "GSD-2010-5298",
"references": [
"https://www.suse.com/security/cve/CVE-2010-5298.html",
"https://www.debian.org/security/2014/dsa-2908",
"https://access.redhat.com/errata/RHSA-2014:0679",
"https://access.redhat.com/errata/RHSA-2014:0628",
"https://access.redhat.com/errata/RHSA-2014:0625",
"https://ubuntu.com/security/CVE-2010-5298",
"https://advisories.mageia.org/CVE-2010-5298.html",
"https://alas.aws.amazon.com/cve/html/CVE-2010-5298.html",
"https://linux.oracle.com/cve/CVE-2010-5298.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2010-5298"
],
"details": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.",
"id": "GSD-2010-5298",
"modified": "2023-12-13T01:21:33.652804Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59342"
},
{
"name": "59669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59669"
},
{
"name": "66801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66801"
},
{
"name": "HPSBGN03068",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"name": "HPSBMU03074",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"name": "59300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59300"
},
{
"name": "GLSA-201407-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"name": "https://rt.openssl.org/Ticket/Display.html?id=3265\u0026user=guest\u0026pass=guest",
"refsource": "MISC",
"url": "https://rt.openssl.org/Ticket/Display.html?id=3265\u0026user=guest\u0026pass=guest"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg24037783",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"name": "FEDORA-2014-9308",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"name": "MDVSA-2014:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:090"
},
{
"name": "59440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59440"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "59655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59655"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"name": "59437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59437"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
},
{
"name": "http://www.fortiguard.com/advisory/FG-IR-14-018/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-14-018/"
},
{
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21676356",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"name": "HPSBMU03057",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"name": "http://support.citrix.com/article/CTX140876",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140876"
},
{
"name": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup",
"refsource": "CONFIRM",
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0187.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0187.html"
},
{
"name": "58939",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58939"
},
{
"name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "HPSBHF03052",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"name": "http://www.openssl.org/news/secadv_20140605.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "59301",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59301"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA80",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
},
{
"name": "HPSBMU03076",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"name": "FEDORA-2014-9301",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
},
{
"name": "HPSBMU03062",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "HPSBMU03056",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"name": "HPSBMU03051",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"name": "59666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59666"
},
{
"name": "HPSBMU03055",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"name": "59413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59413"
},
{
"name": "[5.5] 004: SECURITY FIX: April 12, 2014",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata55.html#004_openssl"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig",
"refsource": "CONFIRM",
"url": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig"
},
{
"name": "59721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59721"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"name": "58713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58713"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"name": "MDVSA-2015:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"name": "59450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59450"
},
{
"name": "59287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59287"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"name": "58977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58977"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7015271",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"name": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse",
"refsource": "MISC",
"url": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse"
},
{
"name": "https://rt.openssl.org/Ticket/Display.html?id=2167\u0026user=guest\u0026pass=guest",
"refsource": "MISC",
"url": "https://rt.openssl.org/Ticket/Display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"name": "http://www.blackberry.com/btsc/KB36051",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB36051"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"name": "58337",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58337"
},
{
"name": "59162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59162"
},
{
"name": "59490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59490"
},
{
"name": "[oss-security] 20140412 Use-after-free race condition,in OpenSSL\u0027s read buffer",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/04/13/1"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.1g",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5298"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140412 Use-after-free race condition,in OpenSSL\u0027s read buffer",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2014/04/13/1"
},
{
"name": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191\u0026view=markup"
},
{
"name": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig"
},
{
"name": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse"
},
{
"name": "https://rt.openssl.org/Ticket/Display.html?id=3265\u0026user=guest\u0026pass=guest",
"refsource": "MISC",
"tags": [
"Broken Link"
],
"url": "https://rt.openssl.org/Ticket/Display.html?id=3265\u0026user=guest\u0026pass=guest"
},
{
"name": "[5.5] 004: SECURITY FIX: April 12, 2014",
"refsource": "OPENBSD",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openbsd.org/errata55.html#004_openssl"
},
{
"name": "https://rt.openssl.org/Ticket/Display.html?id=2167\u0026user=guest\u0026pass=guest",
"refsource": "MISC",
"tags": [
"Broken Link"
],
"url": "https://rt.openssl.org/Ticket/Display.html?id=2167\u0026user=guest\u0026pass=guest"
},
{
"name": "66801",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66801"
},
{
"name": "http://www.openssl.org/news/secadv_20140605.txt",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"name": "https://kb.bluecoat.com/index?page=content\u0026id=SA80",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "https://kb.bluecoat.com/index?page=content\u0026id=SA80"
},
{
"name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
},
{
"name": "http://www.blackberry.com/btsc/KB36051",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www.blackberry.com/btsc/KB36051"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"name": "59438",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59438"
},
{
"name": "59301",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59301"
},
{
"name": "59450",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59450"
},
{
"name": "59721",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"name": "59655",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59655"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"name": "59162",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59162"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"name": "58939",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/58939"
},
{
"name": "59666",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59666"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"name": "59490",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59490"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"name": "59669",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59669"
},
{
"name": "59413",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59413"
},
{
"name": "59300",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59300"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "http://www.fortiguard.com/advisory/FG-IR-14-018/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.fortiguard.com/advisory/FG-IR-14-018/"
},
{
"name": "59342",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59342"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "MDVSA-2015:062",
"refsource": "MANDRIVA",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"name": "HPSBMU03055",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"name": "HPSBHF03052",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"name": "HPSBMU03051",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"name": "HPSBMU03074",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"name": "HPSBGN03068",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"name": "HPSBMU03057",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"name": "HPSBMU03076",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"name": "HPSBMU03056",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"name": "HPSBMU03062",
"refsource": "HP",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"name": "SUSE-SU-2015:0743",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7015271",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879",
"refsource": "CONFIRM",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0006.html"
},
{
"name": "MDVSA-2014:090",
"refsource": "MANDRIVA",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:090"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg24037783",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21676356",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"name": "http://support.citrix.com/article/CTX140876",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX140876"
},
{
"name": "GLSA-201407-05",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"name": "59440",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59440"
},
{
"name": "59437",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59437"
},
{
"name": "59287",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/59287"
},
{
"name": "58977",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/58977"
},
{
"name": "58713",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/58713"
},
{
"name": "58337",
"refsource": "SECUNIA",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/58337"
},
{
"name": "FEDORA-2014-9308",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html"
},
{
"name": "FEDORA-2014-9301",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195",
"refsource": "CONFIRM",
"tags": [
"Permissions Required"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=KB29195"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0187.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0187.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2022-08-29T20:53Z",
"publishedDate": "2014-04-14T22:38Z"
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.