var-201110-0389
Vulnerability from variot

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot. The vulnerability can be exploited over multiple protocols. This issue affects the 'HotSpot' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6 Update 27. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-02


                                        http://security.gentoo.org/

Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: November 05, 2011 Bugs: #340421, #354213, #370559, #387851 ID: 201111-02


Synopsis

Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-java/sun-jre-bin < 1.6.0.29 >= 1.6.0.29 * 2 app-emulation/emul-linux-x86-java < 1.6.0.29 >= 1.6.0.29 * 3 dev-java/sun-jdk < 1.6.0.29 >= 1.6.0.29 * ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 3 affected packages -------------------------------------------------------------------

Description

Multiple vulnerabilities have been reported in the Oracle Java implementation.

Workaround

There is no known workaround at this time.

Resolution

All Oracle JDK 1.6 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jdk-1.6.0.29"

All Oracle JRE 1.6 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-java/sun-jre-bin-1.6.0.29"

All users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to the latest version:

# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.6.0.29"

NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. This limitation is not present on a non-fetch restricted implementation such as dev-java/icedtea-bin.

References

[ 1 ] CVE-2010-3541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541 [ 2 ] CVE-2010-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548 [ 3 ] CVE-2010-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549 [ 4 ] CVE-2010-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550 [ 5 ] CVE-2010-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551 [ 6 ] CVE-2010-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552 [ 7 ] CVE-2010-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553 [ 8 ] CVE-2010-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554 [ 9 ] CVE-2010-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555 [ 10 ] CVE-2010-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556 [ 11 ] CVE-2010-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557 [ 12 ] CVE-2010-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558 [ 13 ] CVE-2010-3559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559 [ 14 ] CVE-2010-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560 [ 15 ] CVE-2010-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561 [ 16 ] CVE-2010-3562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562 [ 17 ] CVE-2010-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563 [ 18 ] CVE-2010-3565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565 [ 19 ] CVE-2010-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566 [ 20 ] CVE-2010-3567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567 [ 21 ] CVE-2010-3568 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568 [ 22 ] CVE-2010-3569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569 [ 23 ] CVE-2010-3570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570 [ 24 ] CVE-2010-3571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571 [ 25 ] CVE-2010-3572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572 [ 26 ] CVE-2010-3573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573 [ 27 ] CVE-2010-3574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574 [ 28 ] CVE-2010-4422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422 [ 29 ] CVE-2010-4447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447 [ 30 ] CVE-2010-4448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448 [ 31 ] CVE-2010-4450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450 [ 32 ] CVE-2010-4451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451 [ 33 ] CVE-2010-4452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452 [ 34 ] CVE-2010-4454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454 [ 35 ] CVE-2010-4462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462 [ 36 ] CVE-2010-4463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463 [ 37 ] CVE-2010-4465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465 [ 38 ] CVE-2010-4466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466 [ 39 ] CVE-2010-4467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467 [ 40 ] CVE-2010-4468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468 [ 41 ] CVE-2010-4469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469 [ 42 ] CVE-2010-4470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470 [ 43 ] CVE-2010-4471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471 [ 44 ] CVE-2010-4472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472 [ 45 ] CVE-2010-4473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473 [ 46 ] CVE-2010-4474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474 [ 47 ] CVE-2010-4475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475 [ 48 ] CVE-2010-4476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476 [ 49 ] CVE-2011-0802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802 [ 50 ] CVE-2011-0814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814 [ 51 ] CVE-2011-0815 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815 [ 52 ] CVE-2011-0862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862 [ 53 ] CVE-2011-0863 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863 [ 54 ] CVE-2011-0864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864 [ 55 ] CVE-2011-0865 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865 [ 56 ] CVE-2011-0867 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867 [ 57 ] CVE-2011-0868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868 [ 58 ] CVE-2011-0869 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869 [ 59 ] CVE-2011-0871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871 [ 60 ] CVE-2011-0872 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872 [ 61 ] CVE-2011-0873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873 [ 62 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 63 ] CVE-2011-3516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516 [ 64 ] CVE-2011-3521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521 [ 65 ] CVE-2011-3544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544 [ 66 ] CVE-2011-3545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545 [ 67 ] CVE-2011-3546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546 [ 68 ] CVE-2011-3547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547 [ 69 ] CVE-2011-3548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548 [ 70 ] CVE-2011-3549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549 [ 71 ] CVE-2011-3550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550 [ 72 ] CVE-2011-3551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551 [ 73 ] CVE-2011-3552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552 [ 74 ] CVE-2011-3553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553 [ 75 ] CVE-2011-3554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554 [ 76 ] CVE-2011-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555 [ 77 ] CVE-2011-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556 [ 78 ] CVE-2011-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557 [ 79 ] CVE-2011-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558 [ 80 ] CVE-2011-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560 [ 81 ] CVE-2011-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201111-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool.

Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/


TITLE: Hitachi Cosminexus Products Java Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA46694

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46694/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46694

RELEASE DATE: 2011-11-08

DISCUSS ADVISORY: http://secunia.com/advisories/46694/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/46694/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=46694

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Hitachi has acknowledged multiple vulnerabilities in Hitachi Cosminexus products, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

The vulnerabilities are caused due to vulnerabilities in the bundled version of Cosminexus Developer's Kit for Java.

For more information: SA46512

Please see the vendor's advisory for a list of affected products.

SOLUTION: Update to a fixed version. Please see the vendor's advisory for details.

ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


.

Background

IcedTea is a distribution of the Java OpenJDK source code built with free build tools. ========================================================================== Ubuntu Security Notice USN-1263-1 November 16, 2011

icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS

Summary:

Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed.

Software Description: - icedtea-web: A web browser plugin to execute Java applets - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation

Details:

Deepak Bhole discovered a flaw in the Same Origin Policy (SOP) implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. (CVE-2011-3377)

Juliano Rizzo and Thai Duong discovered that the block-wise AES encryption algorithm block-wise as used in TLS/SSL was vulnerable to a chosen-plaintext attack. This could allow a remote attacker to view confidential data. (CVE-2011-3521)

It was discovered that the Java scripting engine did not perform SecurityManager checks. (CVE-2011-3544)

It was discovered that the InputStream class used a global buffer to store input bytes skipped. (CVE-2011-3547)

It was discovered that a vulnerability existed in the AWTKeyStroke class. (CVE-2011-3548)

It was discovered that an integer overflow vulnerability existed in the TransformHelper class in the Java2D implementation. (CVE-2011-3556, CVE-2011-3557)

It was discovered that the HotSpot VM could be made to crash, allowing an attacker to cause a denial of service or possibly leak sensitive information. (CVE-2011-3558)

It was discovered that the HttpsURLConnection class did not properly perform SecurityManager checks in certain situations. This could allow a remote attacker to bypass restrictions on HTTPS connections. (CVE-2011-3560)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10: icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10 icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10 icedtea-netx 1.1.3-1ubuntu1.1 icedtea-plugin 1.1.3-1ubuntu1.1 openjdk-6-jre 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10 openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10

Ubuntu 11.04: icedtea-6-jre-cacao 6b22-1.10.4-0ubuntu1~11.04.1 icedtea-6-jre-jamvm 6b22-1.10.4-0ubuntu1~11.04.1 icedtea-netx 1.1.1-0ubuntu1~11.04.2 icedtea-plugin 1.1.1-0ubuntu1~11.04.2 openjdk-6-jre 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-headless 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-lib 6b22-1.10.4-0ubuntu1~11.04.1 openjdk-6-jre-zero 6b22-1.10.4-0ubuntu1~11.04.1

Ubuntu 10.10: icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jdk 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.10.2 openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.10.2

Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b20-1.9.10-0ubuntu1~10.04.2 icedtea6-plugin 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-demo 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-headless 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-lib 6b20-1.9.10-0ubuntu1~10.04.2 openjdk-6-jre-zero 6b20-1.9.10-0ubuntu1~10.04.2

After a standard system update you need to restart any Java applications or applets to make all the necessary changes.

IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (CVE-2011-3551).

IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity via unknown vectors related to Networking (CVE-2011-3552).

IcedTea6 prior to 1.10.4 allows remote authenticated users to affect confidentiality, related to JAXWS (CVE-2011-3553).

IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3556).

IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3557). A malicious applet could use this flaw to bypass SOP protection and open connections to any sub-domain of the second-level domain of the applet's origin, as well as any sub-domain of the domain that is the suffix of the origin second-level domain. For example, IcedTea-Web plugin allowed applet from some.host.example.com to connect to other.host.example.com, www.example.com, and example.com, as well as www.ample.com or ample.com. (CVE-2011-3377). The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI aaF2JGTyfceBABs92un/yVA= =yPsD -----END PGP SIGNATURE-----


Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6

Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6 are now available and address the following:

Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, Mac OS X v10.7.2, Mac OS X Server v10.7.2 Impact: Multiple vulnerabilities in Java 1.6.0_26 Description: Multiple vulnerabilities exist in Java 1.6.0_26, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. These issues are addressed by updating to Java version 1.6.0_29. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html CVE-ID CVE-2011-3389 CVE-2011-3521 CVE-2011-3544 CVE-2011-3545 CVE-2011-3546 CVE-2011-3547 CVE-2011-3548 CVE-2011-3549 CVE-2011-3551 CVE-2011-3552 CVE-2011-3553 CVE-2011-3554 CVE-2011-3556 CVE-2011-3557 CVE-2011-3558 CVE-2011-3560 CVE-2011-3561

Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b

For Mac OS X v10.7 systems The download file is named: JavaForMacOSX10.7.dmg Its SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP 2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW t5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4 mN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL wgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS D089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8= =4KBF -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Critical: java-1.6.0-openjdk security update Advisory ID: RHSA-2011:1380-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1380.html Issue date: 2011-10-18 CVE Names: CVE-2011-3389 CVE-2011-3521 CVE-2011-3544 CVE-2011-3547 CVE-2011-3548 CVE-2011-3551 CVE-2011-3552 CVE-2011-3553 CVE-2011-3554 CVE-2011-3556 CVE-2011-3557 CVE-2011-3558 CVE-2011-3560 =====================================================================

  1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

  1. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit.

A flaw was found in the Java RMI (Remote Method Invocation) registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. (CVE-2011-3556)

A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute code on the RMI server with unrestricted privileges. (CVE-2011-3557)

A flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization code. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions by deserializing specially-crafted input. (CVE-2011-3521)

It was found that the Java ScriptingEngine did not properly restrict the privileges of sandboxed applications. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3544)

A flaw was found in the AWTKeyStroke implementation. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3548)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the Java2D code used to perform transformations of graphic shapes and images. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3551)

An insufficient error checking flaw was found in the unpacker for JAR files in pack200 format. A specially-crafted JAR file could use this flaw to crash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code with JVM privileges. (CVE-2011-3554)

It was found that HttpsURLConnection did not perform SecurityManager checks in the setSSLSocketFactory method. An untrusted Java application or applet running in a sandbox could use this flaw to bypass connection restrictions defined in the policy. (CVE-2011-3560)

A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a chosen plain text attack against a connection mixing trusted and untrusted data could use this flaw to recover portions of the trusted data sent over the connection. (CVE-2011-3389)

Note: This update mitigates the CVE-2011-3389 issue by splitting the first application data record byte to a separate SSL/TLS protocol record. This mitigation may cause compatibility issues with some SSL/TLS implementations and can be disabled using the jsse.enableCBCProtection boolean property. This can be done on the command line by appending the flag "-Djsse.enableCBCProtection=false" to the java command.

An information leak flaw was found in the InputStream.skip implementation. An untrusted Java application or applet could possibly use this flaw to obtain bytes skipped by other threads. (CVE-2011-3547)

A flaw was found in the Java HotSpot virtual machine. An untrusted Java application or applet could use this flaw to disclose portions of the VM memory, or cause it to crash. (CVE-2011-3558)

The Java API for XML Web Services (JAX-WS) implementation in OpenJDK was configured to include the stack trace in error messages sent to clients. A remote client could possibly use this flaw to obtain sensitive information. (CVE-2011-3553)

It was found that Java applications running with SecurityManager restrictions were allowed to use too many UDP sockets by default. If multiple instances of a malicious application were started at the same time, they could exhaust all available UDP sockets on the system. (CVE-2011-3552)

This erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. Refer to the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

  1. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

  1. Bugs fixed (http://bugzilla.redhat.com/):

737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936) 745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600) 745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640) 745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417) 745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823) 745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902) 745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857) 745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466) 745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012) 745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773) 745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794) 745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)

  1. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm

i386: java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm

i386: java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm

i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm

x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

  1. References:

https://www.redhat.com/security/data/cve/CVE-2011-3389.html https://www.redhat.com/security/data/cve/CVE-2011-3521.html https://www.redhat.com/security/data/cve/CVE-2011-3544.html https://www.redhat.com/security/data/cve/CVE-2011-3547.html https://www.redhat.com/security/data/cve/CVE-2011-3548.html https://www.redhat.com/security/data/cve/CVE-2011-3551.html https://www.redhat.com/security/data/cve/CVE-2011-3552.html https://www.redhat.com/security/data/cve/CVE-2011-3553.html https://www.redhat.com/security/data/cve/CVE-2011-3554.html https://www.redhat.com/security/data/cve/CVE-2011-3556.html https://www.redhat.com/security/data/cve/CVE-2011-3557.html https://www.redhat.com/security/data/cve/CVE-2011-3558.html https://www.redhat.com/security/data/cve/CVE-2011-3560.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/NEWS

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOngvzXlSAg2UNWIIRArb8AKCaS923HYBco1E2eOOedT1aefjmyACgherU 1E1DMZpv3ExBmKhD4Emi2no= =sMXo -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201110-0389",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "esx",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "model": "esx",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "esx",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "4.1"
      },
      {
        "model": "jre",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.7.0"
      },
      {
        "model": "jdk",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.7.0"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jre 1.6.0 03",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 17",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 28",
        "scope": "ne",
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 18",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 22",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 05",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 14",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 21",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 20",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 25",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 07",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 18",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 27",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 19",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 03",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 17",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 14",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 04",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 04",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 25",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 27",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 15",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 12",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.7"
      },
      {
        "model": "jre 1.6.0 02",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 23",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 01",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 06",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 19",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 15",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 07",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 28",
        "scope": "ne",
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 23",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 11",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 13",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 02",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 05",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 26",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 26",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 21",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 24",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 06",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 11",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "oracle",
        "version": "1.7"
      },
      {
        "model": "jdk 1.6.0 22",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 24",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 13",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "4.0 (windows)"
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "4.1 (windows)"
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "5.0 (windows)"
      },
      {
        "model": "virtualcenter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "2.5 (windows)"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7.2"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.7.2"
      },
      {
        "model": "jdk",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "6 update 27"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "7"
      },
      {
        "model": "jre",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "6 update 27"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "7"
      },
      {
        "model": "hp systems insight manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "7.0"
      },
      {
        "model": "enterprise linux extras",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 extras"
      },
      {
        "model": "enterprise linux hpc node supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "enterprise linux server supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "enterprise linux server supplementary eus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6.1.z"
      },
      {
        "model": "enterprise linux workstation supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "rhel desktop supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (client)"
      },
      {
        "model": "rhel desktop supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "6"
      },
      {
        "model": "rhel supplementary",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (server)"
      },
      {
        "model": "cosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "enterprise version 6"
      },
      {
        "model": "cosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard version 6"
      },
      {
        "model": "cosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "version 5"
      },
      {
        "model": "cosminexus client",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "version 6"
      },
      {
        "model": "cosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "light version 6"
      },
      {
        "model": "cosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "professional version 6"
      },
      {
        "model": "cosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard version 6"
      },
      {
        "model": "cosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "version 5"
      },
      {
        "model": "cosminexus developer\u0027s kit for java",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "cosminexus primary server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "base"
      },
      {
        "model": "cosminexus server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard edition version 4"
      },
      {
        "model": "cosminexus server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "web edition version 4"
      },
      {
        "model": "cosminexus studio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard edition version 4"
      },
      {
        "model": "cosminexus studio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "version 5"
      },
      {
        "model": "cosminexus studio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "web edition version 4"
      },
      {
        "model": "hirdb for java /xml",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "developer\u0027s kit for java",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "processing kit for xml",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "enterprise"
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "express"
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "light"
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "smart edition"
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard"
      },
      {
        "model": "ucosminexus application server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard-r"
      },
      {
        "model": "ucosminexus client",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "none"
      },
      {
        "model": "ucosminexus client",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "for plug-in"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "01"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "light"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "professional"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "professional for plug-in"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "standard"
      },
      {
        "model": "ucosminexus operator",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "ucosminexus portal framework",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "entry set"
      },
      {
        "model": "ucosminexus primary server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "base"
      },
      {
        "model": "ucosminexus service",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "architect"
      },
      {
        "model": "ucosminexus service",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "platform"
      },
      {
        "model": "ucosminexus service",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hitachi",
        "version": "platform - messaging"
      },
      {
        "model": "jdk 01-b06",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 2",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 01",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 20",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "cosminexus server web edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "rational appscan standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.8"
      },
      {
        "model": "trio tview software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "3.27.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.1"
      },
      {
        "model": "processing kit for xml",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server h06.16.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.19.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "enterprise linux as extras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "jdk 01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "cosminexus studio web edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "-0"
      },
      {
        "model": "nonstop server j06.08.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.15.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "meeting exchange sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.06"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "cosminexus application server standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "trio tview software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "3.29.0"
      },
      {
        "model": "nonstop server j06.06.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "15.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "nonstop server j06.14",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "ucosminexus application server standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "openpages grc platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5"
      },
      {
        "model": "ucosminexus application server express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "09-70"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.8"
      },
      {
        "model": "nonstop server j06.09.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.26",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.06"
      },
      {
        "model": "systems insight manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.2"
      },
      {
        "model": "systems insight manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "nonstop server j06.04.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "aura system platform sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "nonstop server j06.13",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "aura communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "ip office application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "enterprise linux extras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.1"
      },
      {
        "model": "nonstop server j06.09.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ucosminexus operator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.2"
      },
      {
        "model": "meeting exchange sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53002.0"
      },
      {
        "model": "meeting exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0.0.52"
      },
      {
        "model": "rational appscan standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0.3"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "cosminexus developer standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "nonstop server h06.18.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server j06.15.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.22.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0.1"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.014"
      },
      {
        "model": "cosminexus application server enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server j06.12.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ir",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "nonstop server j06.05.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.011"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.02"
      },
      {
        "model": "nonstop server j06.08.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cosminexus server standard edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server j06.09.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "rational policy tester",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "systems insight manager sp5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.01"
      },
      {
        "model": "nonstop server j06.16",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "rational policy tester",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5"
      },
      {
        "model": "systems insight manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.1"
      },
      {
        "model": "ucosminexus client for plug-in",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server j6.0.14.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "openpages grc platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.2"
      },
      {
        "model": "freeflow print server 73.c0.41",
        "scope": null,
        "trust": 0.3,
        "vendor": "xerox",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.011"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2.2"
      },
      {
        "model": "enterprise linux desktop supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.1.1"
      },
      {
        "model": "meeting exchange sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "websphere multichannel bank transformation toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.1"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.3"
      },
      {
        "model": "ucosminexus developer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "010"
      },
      {
        "model": "enterprise linux supplementary server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "ucosminexus service architect",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "ucosminexus developer light",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "ucosminexus service platform messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "-0"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "rational appscan standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0"
      },
      {
        "model": "nonstop server j06.07.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2011"
      },
      {
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "nonstop server j06.09.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "5.0"
      },
      {
        "model": "meeting exchange sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "nonstop server j06.10.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "enterprise linux desktop client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "nonstop server j06.06.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.0.0.96"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.012"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "nonstop server h06.24.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.3"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "16.0"
      },
      {
        "model": "nonstop server h06.25",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "messaging storage server sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.012"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.04"
      },
      {
        "model": "websphere multichannel bank transformation toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.1.0.2"
      },
      {
        "model": "ucosminexus application server light",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server h06.15.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "freeflow print server 73.b3.61",
        "scope": null,
        "trust": 0.3,
        "vendor": "xerox",
        "version": null
      },
      {
        "model": "openpages grc platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.5.3"
      },
      {
        "model": "meeting exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "cosminexus studio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.04"
      },
      {
        "model": "virtualcenter update 6b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "openjdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openjdk",
        "version": "6"
      },
      {
        "model": "security appscan standard",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.6"
      },
      {
        "model": "meeting exchange sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "enterprise linux ws extras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "hp-ux b.11.11",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "nonstop server j06.07.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "enterprise linux es extras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "message networking sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "openjdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openjdk",
        "version": "1.6"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.010"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.013"
      },
      {
        "model": "nonstop server j06.08.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "rational appscan standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "nonstop server j06.08.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "ip office application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura system manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "messaging storage server sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "enterprise server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "aura communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "systems insight manager update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.31"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.015"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.010"
      },
      {
        "model": "nonstop server h06.15.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.24",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.013"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.018"
      },
      {
        "model": "cosminexus primary server base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.019"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "nonstop server h06.16.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ucosminexus developer professional for plug-in",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server h06.18.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.20.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2"
      },
      {
        "model": "meeting exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "enterprise linux hpc node optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "hp-ux b.11.23",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "enterprise linux server supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.015"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "5"
      },
      {
        "model": "systems insight manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.2"
      },
      {
        "model": "systems insight manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.0"
      },
      {
        "model": "nonstop server j06.13.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.1"
      },
      {
        "model": "nonstop server h06.23",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.014"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.3"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.019"
      },
      {
        "model": "enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "nonstop server h06.19.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "meeting exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura communication manager utility services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.1"
      },
      {
        "model": "openpages grc platform",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "6.2.1"
      },
      {
        "model": "enterprise linux workstation supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "nonstop server h06.22.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "enterprise linux workstation optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "systems insight manager sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.020"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "cosminexus studio standard edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "-0"
      },
      {
        "model": "nonstop server h06.19.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.03"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.10"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.05"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "16.1"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.020"
      },
      {
        "model": "websphere multichannel bank transformation toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "interactive response",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2.1"
      },
      {
        "model": "nonstop server j06.11.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server j06.15",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.03"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2011"
      },
      {
        "model": "messaging application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "update manager update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "5.01"
      },
      {
        "model": "ucosminexus developer professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "ucosminexus developer standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server h06.21.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "virtualcenter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.1"
      },
      {
        "model": "systems insight manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "nonstop server h06.20.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "aura system manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "hp-ux b.11.31",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ucosminexus application server enterprise )",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "09-80"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.2"
      },
      {
        "model": "cosminexus client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura experience portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "messaging storage server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "nonstop server j06.05.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server j06.07.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cms server aux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "15.0"
      },
      {
        "model": "nonstop server h06.21.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "nonstop server h06.19.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "hirdb for java",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.2"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "ucosminexus application server smart edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura session manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "model": "nonstop server j06.11.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "vcenter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.1"
      },
      {
        "model": "nonstop server h06.26.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cosminexus developer professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.021"
      },
      {
        "model": "rational policy tester",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "enterprise linux server optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "desktop extras",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "nonstop server j06.04.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "systems insight manager sp6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "5.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "nonstop server j06.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "nonstop server j06.06.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ucosminexus primary server base",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.016"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "openpages grc platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.0"
      },
      {
        "model": "nonstop server h06.21.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.021"
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.07"
      },
      {
        "model": "nonstop server j06.06.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.17.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.1"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.016"
      },
      {
        "model": "systems insight manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.2"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.018"
      },
      {
        "model": "update manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "5.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura system platform sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "ucosminexus service platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "jdk 1.6.0 01-b06",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "cosminexus developer light",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.07"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4.2"
      },
      {
        "model": "nonstop server h06.20.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "ucosminexus client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "nonstop server j06.10.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "websphere multichannel bank transformation toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "enterprise linux desktop optional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "aura communication manager utility services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "nonstop server h06.17.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "jdk update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6.017"
      },
      {
        "model": "enterprise linux hpc node supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux desktop supplementary client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "ucosminexus application server standard-r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "ip office application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "enterprise linux hpc node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "nonstop server h06.16.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.4"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "rational appscan enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.6"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "cms server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "16.2"
      },
      {
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "nonstop server j06.05.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "openpages grc platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.017"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "nonstop server h06.20.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cosminexus developer no version",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.3"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "nonstop server j06.09.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0.1"
      },
      {
        "model": "nonstop server h06.17.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server j06.08.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "aura conferencing standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "nonstop server j06.10.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "systems insight manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "nonstop server h06.25.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server h06.18.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "cosminexus application server no version",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hitachi",
        "version": "0"
      },
      {
        "model": "nonstop server h06.27",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "antivirus update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "1.6.05"
      },
      {
        "model": "nonstop server h06.17.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "nonstop server j06.14.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "50242"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle",
    "sources": [
      {
        "db": "BID",
        "id": "50242"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-3558",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2011-3558",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-3558",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2011-3558",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027HotSpot\u0027 sub-component. \nThis vulnerability affects the following supported versions:\nJDK and JRE 7,  6 Update 27. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201111-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Oracle JRE/JDK: Multiple vulnerabilities\n     Date: November 05, 2011\n     Bugs: #340421, #354213, #370559, #387851\n       ID: 201111-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-java/sun-jre-bin        \u003c 1.6.0.29              \u003e= 1.6.0.29 *\n  2  app-emulation/emul-linux-x86-java\n                                 \u003c 1.6.0.29              \u003e= 1.6.0.29 *\n  3  dev-java/sun-jdk            \u003c 1.6.0.29              \u003e= 1.6.0.29 *\n    -------------------------------------------------------------------\n     NOTE: Packages marked with asterisks require manual intervention!\n    -------------------------------------------------------------------\n     3 affected packages\n    -------------------------------------------------------------------\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.6 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-java/sun-jdk-1.6.0.29\"\n\nAll Oracle JRE 1.6 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-java/sun-jre-bin-1.6.0.29\"\n\nAll users of the precompiled 32-bit Oracle JRE 1.6 should upgrade to\nthe latest version:\n\n  # emerge --sync\n  # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.6.0.29\"\n\nNOTE: As Oracle has revoked the DLJ license for its Java\nimplementation, the packages can no longer be updated automatically. \nThis limitation is not present on a non-fetch restricted implementation\nsuch as dev-java/icedtea-bin. \n\nReferences\n==========\n\n[  1 ] CVE-2010-3541\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3541\n[  2 ] CVE-2010-3548\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3548\n[  3 ] CVE-2010-3549\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3549\n[  4 ] CVE-2010-3550\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3550\n[  5 ] CVE-2010-3551\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3551\n[  6 ] CVE-2010-3552\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3552\n[  7 ] CVE-2010-3553\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3553\n[  8 ] CVE-2010-3554\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3554\n[  9 ] CVE-2010-3555\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3555\n[ 10 ] CVE-2010-3556\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3556\n[ 11 ] CVE-2010-3557\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3557\n[ 12 ] CVE-2010-3558\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3558\n[ 13 ] CVE-2010-3559\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3559\n[ 14 ] CVE-2010-3560\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3560\n[ 15 ] CVE-2010-3561\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3561\n[ 16 ] CVE-2010-3562\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3562\n[ 17 ] CVE-2010-3563\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3563\n[ 18 ] CVE-2010-3565\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3565\n[ 19 ] CVE-2010-3566\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3566\n[ 20 ] CVE-2010-3567\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3567\n[ 21 ] CVE-2010-3568\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3568\n[ 22 ] CVE-2010-3569\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3569\n[ 23 ] CVE-2010-3570\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3570\n[ 24 ] CVE-2010-3571\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3571\n[ 25 ] CVE-2010-3572\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3572\n[ 26 ] CVE-2010-3573\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3573\n[ 27 ] CVE-2010-3574\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3574\n[ 28 ] CVE-2010-4422\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4422\n[ 29 ] CVE-2010-4447\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4447\n[ 30 ] CVE-2010-4448\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4448\n[ 31 ] CVE-2010-4450\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4450\n[ 32 ] CVE-2010-4451\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4451\n[ 33 ] CVE-2010-4452\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4452\n[ 34 ] CVE-2010-4454\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4454\n[ 35 ] CVE-2010-4462\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4462\n[ 36 ] CVE-2010-4463\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4463\n[ 37 ] CVE-2010-4465\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4465\n[ 38 ] CVE-2010-4466\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4466\n[ 39 ] CVE-2010-4467\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4467\n[ 40 ] CVE-2010-4468\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4468\n[ 41 ] CVE-2010-4469\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4469\n[ 42 ] CVE-2010-4470\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4470\n[ 43 ] CVE-2010-4471\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4471\n[ 44 ] CVE-2010-4472\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4472\n[ 45 ] CVE-2010-4473\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4473\n[ 46 ] CVE-2010-4474\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4474\n[ 47 ] CVE-2010-4475\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4475\n[ 48 ] CVE-2010-4476\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4476\n[ 49 ] CVE-2011-0802\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0802\n[ 50 ] CVE-2011-0814\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0814\n[ 51 ] CVE-2011-0815\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0815\n[ 52 ] CVE-2011-0862\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0862\n[ 53 ] CVE-2011-0863\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0863\n[ 54 ] CVE-2011-0864\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0864\n[ 55 ] CVE-2011-0865\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0865\n[ 56 ] CVE-2011-0867\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0867\n[ 57 ] CVE-2011-0868\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0868\n[ 58 ] CVE-2011-0869\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0869\n[ 59 ] CVE-2011-0871\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0871\n[ 60 ] CVE-2011-0872\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0872\n[ 61 ] CVE-2011-0873\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0873\n[ 62 ] CVE-2011-3389\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 63 ] CVE-2011-3516\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3516\n[ 64 ] CVE-2011-3521\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3521\n[ 65 ] CVE-2011-3544\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3544\n[ 66 ] CVE-2011-3545\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3545\n[ 67 ] CVE-2011-3546\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3546\n[ 68 ] CVE-2011-3547\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3547\n[ 69 ] CVE-2011-3548\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3548\n[ 70 ] CVE-2011-3549\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3549\n[ 71 ] CVE-2011-3550\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3550\n[ 72 ] CVE-2011-3551\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3551\n[ 73 ] CVE-2011-3552\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3552\n[ 74 ] CVE-2011-3553\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3553\n[ 75 ] CVE-2011-3554\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3554\n[ 76 ] CVE-2011-3555\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3555\n[ 77 ] CVE-2011-3556\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3556\n[ 78 ] CVE-2011-3557\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3557\n[ 79 ] CVE-2011-3558\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3558\n[ 80 ] CVE-2011-3560\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3560\n[ 81 ] CVE-2011-3561\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3561\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201111-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. \n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Cosminexus Products Java Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA46694\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46694/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46694\n\nRELEASE DATE:\n2011-11-08\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46694/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46694/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46694\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nHitachi has acknowledged multiple vulnerabilities in Hitachi\nCosminexus products, which can be exploited by malicious users to\ndisclose certain information and by malicious people to disclose\npotentially sensitive information, hijack a user\u0027s session, conduct\nDNS cache poisoning attacks, manipulate certain data, cause a DoS\n(Denial of Service), and compromise a vulnerable system. \n\nThe vulnerabilities are caused due to vulnerabilities in the bundled\nversion of Cosminexus Developer\u0027s Kit for Java. \n\nFor more information:\nSA46512\n\nPlease see the vendor\u0027s advisory for a list of affected products. \n\nSOLUTION:\nUpdate to a fixed version. Please see the vendor\u0027s advisory for\ndetails. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-024/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. ==========================================================================\nUbuntu Security Notice USN-1263-1\nNovember 16, 2011\n\nicedtea-web, openjdk-6, openjdk-6b18 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nMultiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed. \n\nSoftware Description:\n- icedtea-web: A web browser plugin to execute Java applets\n- openjdk-6: Open Source Java implementation\n- openjdk-6b18: Open Source Java implementation\n\nDetails:\n\nDeepak Bhole discovered a flaw in the Same Origin Policy (SOP)\nimplementation in the IcedTea web browser plugin. This could allow a\nremote attacker to open connections to certain hosts that should\nnot be permitted. (CVE-2011-3377)\n\nJuliano Rizzo and Thai Duong discovered that the block-wise AES\nencryption algorithm block-wise as used in TLS/SSL was vulnerable to\na chosen-plaintext attack. This could allow a remote attacker to view\nconfidential data. (CVE-2011-3521)\n\nIt was discovered that the Java scripting engine did not perform\nSecurityManager checks. (CVE-2011-3544)\n\nIt was discovered that the InputStream class used a global buffer to\nstore input bytes skipped. (CVE-2011-3547)\n\nIt was discovered that a vulnerability existed in the AWTKeyStroke\nclass. (CVE-2011-3548)\n\nIt was discovered that an integer overflow vulnerability existed\nin the TransformHelper class in the Java2D implementation. \n(CVE-2011-3556, CVE-2011-3557)\n\nIt was discovered that the HotSpot VM could be made to crash, allowing\nan attacker to cause a denial of service or possibly leak sensitive\ninformation. (CVE-2011-3558)\n\nIt was discovered that the HttpsURLConnection class did not\nproperly perform SecurityManager checks in certain situations. This\ncould allow a remote attacker to bypass restrictions on HTTPS\nconnections. (CVE-2011-3560)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.10:\n  icedtea-6-jre-cacao             6b23~pre11-0ubuntu1.11.10\n  icedtea-6-jre-jamvm             6b23~pre11-0ubuntu1.11.10\n  icedtea-netx                    1.1.3-1ubuntu1.1\n  icedtea-plugin                  1.1.3-1ubuntu1.1\n  openjdk-6-jre                   6b23~pre11-0ubuntu1.11.10\n  openjdk-6-jre-headless          6b23~pre11-0ubuntu1.11.10\n  openjdk-6-jre-lib               6b23~pre11-0ubuntu1.11.10\n  openjdk-6-jre-zero              6b23~pre11-0ubuntu1.11.10\n\nUbuntu 11.04:\n  icedtea-6-jre-cacao             6b22-1.10.4-0ubuntu1~11.04.1\n  icedtea-6-jre-jamvm             6b22-1.10.4-0ubuntu1~11.04.1\n  icedtea-netx                    1.1.1-0ubuntu1~11.04.2\n  icedtea-plugin                  1.1.1-0ubuntu1~11.04.2\n  openjdk-6-jre                   6b22-1.10.4-0ubuntu1~11.04.1\n  openjdk-6-jre-headless          6b22-1.10.4-0ubuntu1~11.04.1\n  openjdk-6-jre-lib               6b22-1.10.4-0ubuntu1~11.04.1\n  openjdk-6-jre-zero              6b22-1.10.4-0ubuntu1~11.04.1\n\nUbuntu 10.10:\n  icedtea-6-jre-cacao             6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-demo                  6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-jdk                   6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-jre                   6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-jre-headless          6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-jre-lib               6b20-1.9.10-0ubuntu1~10.10.2\n  openjdk-6-jre-zero              6b20-1.9.10-0ubuntu1~10.10.2\n\nUbuntu 10.04 LTS:\n  icedtea-6-jre-cacao             6b20-1.9.10-0ubuntu1~10.04.2\n  icedtea6-plugin                 6b20-1.9.10-0ubuntu1~10.04.2\n  openjdk-6-demo                  6b20-1.9.10-0ubuntu1~10.04.2\n  openjdk-6-jre                   6b20-1.9.10-0ubuntu1~10.04.2\n  openjdk-6-jre-headless          6b20-1.9.10-0ubuntu1~10.04.2\n  openjdk-6-jre-lib               6b20-1.9.10-0ubuntu1~10.04.2\n  openjdk-6-jre-zero              6b20-1.9.10-0ubuntu1~10.04.2\n\nAfter a standard system update you need to restart any Java applications\nor applets to make all the necessary changes. \n \n IcedTea6 prior to 1.10.4 allows remote attackers to affect\n confidentiality, integrity, and availability via unknown vectors\n related to 2D (CVE-2011-3551). \n \n IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity\n via unknown vectors related to Networking (CVE-2011-3552). \n \n IcedTea6 prior to 1.10.4 allows remote authenticated users to affect\n confidentiality, related to JAXWS (CVE-2011-3553). \n \n IcedTea6 prior to 1.10.4 allows remote attackers to affect\n confidentiality, integrity, and availability, related to RMI\n (CVE-2011-3556). \n \n IcedTea6 prior to 1.10.4 allows remote attackers to affect\n confidentiality, integrity, and availability, related to RMI\n (CVE-2011-3557). A\n malicious applet could use this flaw to bypass SOP protection and\n open connections to any sub-domain of the second-level domain of\n the applet\u0026#039;s origin, as well as any sub-domain of the domain that\n is the suffix of the origin second-level domain.  For example,\n IcedTea-Web plugin allowed applet from some.host.example.com to\n connect to other.host.example.com, www.example.com, and example.com,\n as well as www.ample.com or ample.com. (CVE-2011-3377).  The verification\n of md5 checksums and GPG signatures is performed automatically for you.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFOvSWxmqjQ0CJFipgRAnk1AKDUddZYCqwkfhoUpLxEL0BT3mDf0ACfbuTI\naaF2JGTyfceBABs92un/yVA=\n=yPsD\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac\nOS X 10.6 Update 6\n\nJava for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6\nare now available and address the following:\n\nJava\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nMac OS X v10.7.2, Mac OS X Server v10.7.2\nImpact: Multiple vulnerabilities in Java 1.6.0_26\nDescription: Multiple vulnerabilities exist in Java 1.6.0_26, the\nmost serious of which may allow an untrusted Java applet to execute\narbitrary code outside the Java sandbox. \nThese issues are addressed by updating to Java version 1.6.0_29. \nFurther information is available via the Java website at\nhttp://java.sun.com/javase/6/webnotes/ReleaseNotes.html\nCVE-ID\nCVE-2011-3389\nCVE-2011-3521\nCVE-2011-3544\nCVE-2011-3545\nCVE-2011-3546\nCVE-2011-3547\nCVE-2011-3548\nCVE-2011-3549\nCVE-2011-3551\nCVE-2011-3552\nCVE-2011-3553\nCVE-2011-3554\nCVE-2011-3556\nCVE-2011-3557\nCVE-2011-3558\nCVE-2011-3560\nCVE-2011-3561\n\nJava for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6\nmay be obtained from the Software Update pane in System Preferences,\nor Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.6 systems\nThe download file is named: JavaForMacOSX10.6.dmg\nIts SHA-1 digest is: be0ac75b8bac967f1d39a94ebf9482a61fb7d70b\n\nFor Mac OS X v10.7 systems\nThe download file is named: JavaForMacOSX10.7.dmg\nIts SHA-1 digest is: 7768e6aeb5adaa638c74d4c04150517ed99fed20\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJOuZNKAAoJEGnF2JsdZQeece8H/1I98YQ1LF4iDD442zB+WjZP\n2Vxd3euXYwySD6qDCYNLJ0hUKu90c/4nr5d5rRH3xYdBzAHuZG39m069lpN1UZIW\nt5ube+j9zjiejnXlPbAgq+vIAg22nu0EdxhOOZZeQOoEYqyoKhXNCt3fR+tzo3o4\nmN/LWMO1NwrM0sGDPuUGs2TWdPZbC4QJJz4Z4S+FsTlujYh9MRd3dyxLBIg7BKCL\nwgnFdpFW8bPmVdiTj91pC0Gb3XtolQxexXGHsdI15KeFMbQ06nKV/AyvxMF8O5jS\nD089GEHE52NAQCZ0YJ6TJsisrGqTZZ77js55cPU259FogxEKKBuwfdFbn4qVeD8=\n=4KBF\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: java-1.6.0-openjdk security update\nAdvisory ID:       RHSA-2011:1380-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-1380.html\nIssue date:        2011-10-18\nCVE Names:         CVE-2011-3389 CVE-2011-3521 CVE-2011-3544 \n                   CVE-2011-3547 CVE-2011-3548 CVE-2011-3551 \n                   CVE-2011-3552 CVE-2011-3553 CVE-2011-3554 \n                   CVE-2011-3556 CVE-2011-3557 CVE-2011-3558 \n                   CVE-2011-3560 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 5 and 6. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. \n\nA flaw was found in the Java RMI (Remote Method Invocation) registry\nimplementation. A remote RMI client could use this flaw to execute\narbitrary code on the RMI server running the registry. (CVE-2011-3556)\n\nA flaw was found in the Java RMI registry implementation. A remote RMI\nclient could use this flaw to execute code on the RMI server with\nunrestricted privileges. (CVE-2011-3557)\n\nA flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization\ncode. An untrusted Java application or applet running in a sandbox could\nuse this flaw to bypass sandbox restrictions by deserializing\nspecially-crafted input. (CVE-2011-3521)\n\nIt was found that the Java ScriptingEngine did not properly restrict the\nprivileges of sandboxed applications. An untrusted Java application or\napplet running in a sandbox could use this flaw to bypass sandbox\nrestrictions. (CVE-2011-3544)\n\nA flaw was found in the AWTKeyStroke implementation. An untrusted Java\napplication or applet running in a sandbox could use this flaw to bypass\nsandbox restrictions. (CVE-2011-3548)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the Java2D code used to perform transformations of graphic shapes\nand images. An untrusted Java application or applet running in a sandbox\ncould use this flaw to bypass sandbox restrictions. (CVE-2011-3551)\n\nAn insufficient error checking flaw was found in the unpacker for JAR files\nin pack200 format. A specially-crafted JAR file could use this flaw to\ncrash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code\nwith JVM privileges. (CVE-2011-3554)\n\nIt was found that HttpsURLConnection did not perform SecurityManager checks\nin the setSSLSocketFactory method. An untrusted Java application or applet\nrunning in a sandbox could use this flaw to bypass connection restrictions\ndefined in the policy. (CVE-2011-3560)\n\nA flaw was found in the way the SSL 3 and TLS 1.0 protocols used block\nciphers in cipher-block chaining (CBC) mode. An attacker able to perform a\nchosen plain text attack against a connection mixing trusted and untrusted\ndata could use this flaw to recover portions of the trusted data sent over\nthe connection. (CVE-2011-3389)\n\nNote: This update mitigates the CVE-2011-3389 issue by splitting the first\napplication data record byte to a separate SSL/TLS protocol record. This\nmitigation may cause compatibility issues with some SSL/TLS implementations\nand can be disabled using the jsse.enableCBCProtection boolean property. \nThis can be done on the command line by appending the flag\n\"-Djsse.enableCBCProtection=false\" to the java command. \n\nAn information leak flaw was found in the InputStream.skip implementation. \nAn untrusted Java application or applet could possibly use this flaw to\nobtain bytes skipped by other threads. (CVE-2011-3547)\n\nA flaw was found in the Java HotSpot virtual machine. An untrusted Java\napplication or applet could use this flaw to disclose portions of the VM\nmemory, or cause it to crash. (CVE-2011-3558)\n\nThe Java API for XML Web Services (JAX-WS) implementation in OpenJDK was\nconfigured to include the stack trace in error messages sent to clients. A\nremote client could possibly use this flaw to obtain sensitive information. \n(CVE-2011-3553)\n\nIt was found that Java applications running with SecurityManager\nrestrictions were allowed to use too many UDP sockets by default. If\nmultiple instances of a malicious application were started at the same\ntime, they could exhaust all available UDP sockets on the system. \n(CVE-2011-3552)\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. Refer to\nthe NEWS file, linked to in the References, for further information. \n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)\n745379 - CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)\n745387 - CVE-2011-3547 OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)\n745391 - CVE-2011-3551 OpenJDK: Java2D TransformHelper integer overflow (2D, 7023640)\n745397 - CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)\n745399 - CVE-2011-3544 OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)\n745442 - CVE-2011-3521 OpenJDK: IIOP deserialization code execution (Deserialization, 7055902)\n745447 - CVE-2011-3554 OpenJDK: insufficient pack200 JAR files uncompress error checks (Runtime, 7057857)\n745459 - CVE-2011-3556 OpenJDK: RMI DGC server remote code execution (RMI, 7077466)\n745464 - CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)\n745473 - CVE-2011-3548 OpenJDK: mutable static AWTKeyStroke.ctor (AWT, 7019773)\n745476 - CVE-2011-3553 OpenJDK: JAX-WS stack-traces information leak (JAX-WS, 7046794)\n745492 - CVE-2011-3558 OpenJDK: Hotspot unspecified issue (Hotspot, 7070134)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.i386.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.23.1.9.10.el5_7.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.src.rpm\n\ni386:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm\n\nx86_64:\njava-1.6.0-openjdk-debuginfo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\njava-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3389.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3521.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3544.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3547.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3548.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3551.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3552.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3553.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3554.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3556.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3557.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3558.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3560.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\nhttp://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/NEWS\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOngvzXlSAg2UNWIIRArb8AKCaS923HYBco1E2eOOedT1aefjmyACgherU\n1E1DMZpv3ExBmKhD4Emi2no=\n=sMXo\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "BID",
        "id": "50242"
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "PACKETSTORM",
        "id": "106640"
      },
      {
        "db": "PACKETSTORM",
        "id": "106747"
      },
      {
        "db": "PACKETSTORM",
        "id": "127267"
      },
      {
        "db": "PACKETSTORM",
        "id": "107051"
      },
      {
        "db": "PACKETSTORM",
        "id": "106868"
      },
      {
        "db": "PACKETSTORM",
        "id": "105998"
      },
      {
        "db": "PACKETSTORM",
        "id": "106792"
      },
      {
        "db": "PACKETSTORM",
        "id": "105967"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-3558",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "50242",
        "trust": 1.4
      },
      {
        "db": "SECUNIA",
        "id": "48308",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "76510",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1026215",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592",
        "trust": 0.8
      },
      {
        "db": "HITACHI",
        "id": "HS11-024",
        "trust": 0.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-213-02",
        "trust": 0.3
      },
      {
        "db": "SECUNIA",
        "id": "46694",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2011-3558",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "106640",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "106747",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "127267",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "107051",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "106868",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "105998",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "106792",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "105967",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "BID",
        "id": "50242"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "PACKETSTORM",
        "id": "106640"
      },
      {
        "db": "PACKETSTORM",
        "id": "106747"
      },
      {
        "db": "PACKETSTORM",
        "id": "127267"
      },
      {
        "db": "PACKETSTORM",
        "id": "107051"
      },
      {
        "db": "PACKETSTORM",
        "id": "106868"
      },
      {
        "db": "PACKETSTORM",
        "id": "105998"
      },
      {
        "db": "PACKETSTORM",
        "id": "106792"
      },
      {
        "db": "PACKETSTORM",
        "id": "105967"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "id": "VAR-201110-0389",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-07-23T19:44:03.481000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT5045",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht5045"
      },
      {
        "title": "HS11-024",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs11-024/index.html"
      },
      {
        "title": "HPSBMU02769 SSRT100846",
        "trust": 0.8,
        "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03298151"
      },
      {
        "title": "Oracle Java SE Critical Patch Update Advisory - October 2011",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
      },
      {
        "title": "RHSA-2011:1384",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/rhsa-2011-1384.html"
      },
      {
        "title": "October 2011 Critical Patch Updates Released",
        "trust": 0.8,
        "url": "http://blogs.oracle.com/security/entry/october_2011_critical_patch_updates"
      },
      {
        "title": "VMSA-2012-0003",
        "trust": 0.8,
        "url": "http://www.vmware.com/jp/support/support-resources/advisories/vmsa-2012-0003.html"
      },
      {
        "title": "HS11-024",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs11-024/index.html"
      },
      {
        "title": "Ubuntu Security Notice: openjdk-6, openjdk-6b18 regression",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1263-2"
      },
      {
        "title": "Ubuntu Security Notice: icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1263-1"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2011-010",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2011-010"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/50242"
      },
      {
        "trust": 1.2,
        "url": "http://www.ubuntu.com/usn/usn-1263-1"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
      },
      {
        "trust": 1.1,
        "url": "http://www.redhat.com/support/errata/rhsa-2011-1384.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/76510"
      },
      {
        "trust": 1.1,
        "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id?1026215"
      },
      {
        "trust": 1.1,
        "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70835"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13475"
      },
      {
        "trust": 1.1,
        "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/48308"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3558"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3558"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3521"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3553"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3558"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3560"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3554"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3552"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3544"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3556"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3557"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3548"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3551"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3547"
      },
      {
        "trust": 0.4,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs11-024/index.html"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/css/p8/documents/100151219"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/css/p8/documents/100150852"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/css/p8/documents/100154049"
      },
      {
        "trust": 0.3,
        "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1\u0026ac.admitted=1378134276525.876444892.492883150"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643845"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21641966"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21609004"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21609022"
      },
      {
        "trust": 0.3,
        "url": "http://lists.vmware.com/pipermail/security-announce/2012/000162.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com/security/advisories/vmsa-2012-0005.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
      },
      {
        "trust": 0.2,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
      },
      {
        "trust": 0.2,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
      },
      {
        "trust": 0.2,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
      },
      {
        "trust": 0.2,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3377"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3560.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3547.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3548.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3557.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/kb/docs/doc-11259"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3549"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3554.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3553.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3556.html"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3546"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3545"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3551.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3389.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3561"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3544.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3521.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3558.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3552.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/key/#package"
      },
      {
        "trust": 0.2,
        "url": "http://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/1263-2/"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4474"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0814"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3570"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3555"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4451"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3560"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3516"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3550"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3550"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3556"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3550"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3549"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4466"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0863"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3558"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3555"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3556"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4462"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3572"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3571"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3546"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3559"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3571"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3561"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3558"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4475"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3559"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3552"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3552"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0867"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4468"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4463"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3560"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3570"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3545"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3555"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4452"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0802"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4473"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201111-02.xml"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3572"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0873"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4454"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46694/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/ovum_2011_request/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46694"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/46694/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~10.10.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.10-0ubuntu1~10.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/icedtea-web/1.1.1-0ubuntu1~11.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b23~pre11-0ubuntu1.11.10"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~11.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b22-1.10.4-0ubuntu1~11.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~10.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.10-0ubuntu1~10.10.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/icedtea-web/1.1.3-1ubuntu1.1"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3377"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3556"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3552"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3560"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3553"
      },
      {
        "trust": 0.1,
        "url": "https://www.ample.com"
      },
      {
        "trust": 0.1,
        "url": "https://www.example.com,"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3389"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3557"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3554"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3551"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3544"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3521"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3548"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3547"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3550"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3555"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3549.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3546.html"
      },
      {
        "trust": 0.1,
        "url": "https://rhn.redhat.com/errata/rhsa-2011-1384.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3516.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3516"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3545.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3561.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3550.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2011-3555.html"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "http://java.sun.com/javase/6/webnotes/releasenotes.html"
      },
      {
        "trust": 0.1,
        "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.9/file/328afd896e3e/news"
      },
      {
        "trust": 0.1,
        "url": "https://rhn.redhat.com/errata/rhsa-2011-1380.html"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "BID",
        "id": "50242"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "PACKETSTORM",
        "id": "106640"
      },
      {
        "db": "PACKETSTORM",
        "id": "106747"
      },
      {
        "db": "PACKETSTORM",
        "id": "127267"
      },
      {
        "db": "PACKETSTORM",
        "id": "107051"
      },
      {
        "db": "PACKETSTORM",
        "id": "106868"
      },
      {
        "db": "PACKETSTORM",
        "id": "105998"
      },
      {
        "db": "PACKETSTORM",
        "id": "106792"
      },
      {
        "db": "PACKETSTORM",
        "id": "105967"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "db": "BID",
        "id": "50242"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "db": "PACKETSTORM",
        "id": "106640"
      },
      {
        "db": "PACKETSTORM",
        "id": "106747"
      },
      {
        "db": "PACKETSTORM",
        "id": "127267"
      },
      {
        "db": "PACKETSTORM",
        "id": "107051"
      },
      {
        "db": "PACKETSTORM",
        "id": "106868"
      },
      {
        "db": "PACKETSTORM",
        "id": "105998"
      },
      {
        "db": "PACKETSTORM",
        "id": "106792"
      },
      {
        "db": "PACKETSTORM",
        "id": "105967"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "date": "2011-10-18T00:00:00",
        "db": "BID",
        "id": "50242"
      },
      {
        "date": "2011-10-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "date": "2011-11-06T01:01:42",
        "db": "PACKETSTORM",
        "id": "106640"
      },
      {
        "date": "2011-11-08T04:55:18",
        "db": "PACKETSTORM",
        "id": "106747"
      },
      {
        "date": "2014-06-30T23:39:28",
        "db": "PACKETSTORM",
        "id": "127267"
      },
      {
        "date": "2011-11-17T02:34:27",
        "db": "PACKETSTORM",
        "id": "107051"
      },
      {
        "date": "2011-11-12T00:06:50",
        "db": "PACKETSTORM",
        "id": "106868"
      },
      {
        "date": "2011-10-19T22:54:10",
        "db": "PACKETSTORM",
        "id": "105998"
      },
      {
        "date": "2011-11-09T18:31:22",
        "db": "PACKETSTORM",
        "id": "106792"
      },
      {
        "date": "2011-10-19T00:58:21",
        "db": "PACKETSTORM",
        "id": "105967"
      },
      {
        "date": "2011-10-19T21:55:01.677000",
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2011-3558"
      },
      {
        "date": "2017-08-02T18:09:00",
        "db": "BID",
        "id": "50242"
      },
      {
        "date": "2013-03-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      },
      {
        "date": "2018-01-06T02:29:21.003000",
        "db": "NVD",
        "id": "CVE-2011-3558"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "50242"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle Java SE of  Java Runtime Environment (JRE) Component vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-002592"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "50242"
      }
    ],
    "trust": 0.3
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.