{"cve": [{"lastseen": "2021-02-02T06:28:12", "description": "Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 7.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.4}, "published": "2016-12-23T22:59:00", "title": "CVE-2016-7966", "type": "cve", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7966"], "modified": "2016-12-27T18:42:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:kde:kmail:4.4.0", "cpe:/o:fedoraproject:fedora:25", "cpe:/o:suse:linux_enterprise:12.0"], "id": "CVE-2016-7966", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7966", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:kde:kmail:4.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:12", "description": "KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.", "edition": 6, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.2}, "published": "2016-12-23T22:59:00", "title": "CVE-2016-7967", "type": "cve", "cwe": ["CWE-284", "CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7967"], "modified": "2016-12-27T18:42:00", "cpe": ["cpe:/a:kde:kmail:5.3.0"], "id": "CVE-2016-7967", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7967", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:kde:kmail:5.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:28:12", "description": "KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 2.5}, "published": "2016-12-23T22:59:00", "title": "CVE-2016-7968", "type": "cve", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7968"], "modified": "2016-12-27T18:50:00", "cpe": ["cpe:/a:kde:kmail:5.3.0"], "id": "CVE-2016-7968", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7968", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:kde:kmail:5.3.0:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The Syndication Library. ", "modified": "2016-10-30T18:31:28", "published": "2016-10-30T18:31:28", "id": "FEDORA:EABFC6078C24", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-syndication-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "KDE PIM library for Grantlee template system. ", "modified": "2016-10-30T18:31:28", "published": "2016-10-30T18:31:28", "id": "FEDORA:DDEA860460FC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-grantleetheme-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "PIM common libraries. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:0A75D60460FF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-pimcommon-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The Akonadi Mime Library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:389826087899", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-akonadi-mime-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The KMime Library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:9D9796087B1D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-kmime-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "Mail applications support library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:C38CC6087B7A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-mailcommon-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The KTNef Library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:1B6436046221", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-ktnef-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The KAlarmCal Library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:D0A5C6087B83", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-kalarmcal-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "The KCalendarUtils Library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:B69256087B76", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-kcalendarutils-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966", "CVE-2016-7967", "CVE-2016-7968"], "description": "C++ wrapper and Qt integration for GpgMe library. ", "modified": "2016-10-30T18:31:29", "published": "2016-10-30T18:31:29", "id": "FEDORA:EAACB6087B8D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kf5-gpgmepp-16.08.2-1.fc24", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T10:14:01", "description": "KDE PIM Applications 16.08.2,\nhttps://www.kde.org/announcements/announce-applications-16.08.2.php\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 8.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}, "published": "2016-10-31T00:00:00", "title": "Fedora 24 : 1:kdepim-runtime / 7:kdepim / kdepim-addons / kdepim-apps-libs / etc (2016-1b042a79bd)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "modified": "2016-10-31T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kf5-akonadi-mime", "p-cpe:/a:fedoraproject:fedora:kf5-gpgmepp", "p-cpe:/a:fedoraproject:fedora:kf5-kblog", "p-cpe:/a:fedoraproject:fedora:kf5-mailimporter", "p-cpe:/a:fedoraproject:fedora:kdepim-addons", "p-cpe:/a:fedoraproject:fedora:kf5-kholidays", "p-cpe:/a:fedoraproject:fedora:kf5-kcalendarutils", "p-cpe:/a:fedoraproject:fedora:kf5-mailcommon", "p-cpe:/a:fedoraproject:fedora:kf5-grantleetheme", "p-cpe:/a:fedoraproject:fedora:kf5-akonadi-calendar", "p-cpe:/a:fedoraproject:fedora:kf5-libkdepim", "p-cpe:/a:fedoraproject:fedora:kf5-kmailtransport", "p-cpe:/a:fedoraproject:fedora:kf5-libksieve", "p-cpe:/a:fedoraproject:fedora:kf5-eventviews", "p-cpe:/a:fedoraproject:fedora:kf5-kmime", "p-cpe:/a:fedoraproject:fedora:7:kdepim", "p-cpe:/a:fedoraproject:fedora:kf5-kalarmcal", "p-cpe:/a:fedoraproject:fedora:kf5-ktnef", "p-cpe:/a:fedoraproject:fedora:kf5-kcalendarcore", "p-cpe:/a:fedoraproject:fedora:kf5-kimap", "p-cpe:/a:fedoraproject:fedora:kf5-libkleo", "p-cpe:/a:fedoraproject:fedora:kf5-kontactinterface", "p-cpe:/a:fedoraproject:fedora:kdepim-apps-libs", "p-cpe:/a:fedoraproject:fedora:kf5-libgravatar", "p-cpe:/a:fedoraproject:fedora:kf5-akonadi-notes", "p-cpe:/a:fedoraproject:fedora:kf5-syndication", "p-cpe:/a:fedoraproject:fedora:kf5-messagelib", "p-cpe:/a:fedoraproject:fedora:kf5-kdgantt2", "p-cpe:/a:fedoraproject:fedora:kf5-kpimtextedit", "p-cpe:/a:fedoraproject:fedora:kf5-calendarsupport", "p-cpe:/a:fedoraproject:fedora:kf5-akonadi-search", "cpe:/o:fedoraproject:fedora:24", "p-cpe:/a:fedoraproject:fedora:kf5-incidenceeditor", "p-cpe:/a:fedoraproject:fedora:kf5-pimcommon", "p-cpe:/a:fedoraproject:fedora:kf5-akonadi-server", "p-cpe:/a:fedoraproject:fedora:kf5-akonadi-contacts", "p-cpe:/a:fedoraproject:fedora:1:kdepim-runtime", "p-cpe:/a:fedoraproject:fedora:kf5-kcontacts", "p-cpe:/a:fedoraproject:fedora:kf5-kmbox", "p-cpe:/a:fedoraproject:fedora:kf5-kldap", "p-cpe:/a:fedoraproject:fedora:kleopatra", "p-cpe:/a:fedoraproject:fedora:kf5-kidentitymanagement"], "id": "FEDORA_2016-1B042A79BD.NASL", "href": "https://www.tenable.com/plugins/nessus/94413", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-1b042a79bd.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94413);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7966\", \"CVE-2016-7967\", \"CVE-2016-7968\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n\n script_name(english:\"Fedora 24 : 1:kdepim-runtime / 7:kdepim / kdepim-addons / kdepim-apps-libs / etc (2016-1b042a79bd)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"KDE PIM Applications 16.08.2,\nhttps://www.kde.org/announcements/announce-applications-16.08.2.php\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b042a79bd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/announcements/announce-applications-16.08.2.php\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:kdepim-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:7:kdepim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdepim-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdepim-apps-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-contacts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-mime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-notes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-search\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-akonadi-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-calendarsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-eventviews\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-gpgmepp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-grantleetheme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-incidenceeditor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kalarmcal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kblog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kcalendarcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kcalendarutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kcontacts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kdgantt2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kholidays\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kidentitymanagement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kimap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kmailtransport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kmbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kmime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kontactinterface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-kpimtextedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-ktnef\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-libgravatar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-libkdepim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-libkleo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-libksieve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-mailcommon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-mailimporter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-messagelib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-pimcommon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kf5-syndication\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kleopatra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kdepim-runtime-16.08.2-1.fc24\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kdepim-16.08.2-1.fc24\", epoch:\"7\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kdepim-addons-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kdepim-apps-libs-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-calendar-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-contacts-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-mime-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-notes-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-search-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-akonadi-server-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-calendarsupport-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-eventviews-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-gpgmepp-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-grantleetheme-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-incidenceeditor-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kalarmcal-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kblog-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kcalendarcore-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kcalendarutils-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kcontacts-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kdgantt2-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kholidays-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kidentitymanagement-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kimap-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kldap-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kmailtransport-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kmbox-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kmime-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kontactinterface-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-kpimtextedit-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-ktnef-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-libgravatar-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-libkdepim-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-libkleo-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-libksieve-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-mailcommon-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-mailimporter-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-messagelib-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-pimcommon-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kf5-syndication-16.08.2-1.fc24\")) flag++;\nif (rpm_check(release:\"FC24\", reference:\"kleopatra-16.08.2-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:kdepim-runtime / 7:kdepim / kdepim-addons / kdepim-apps-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:49:50", "description": "Roland Tapken discovered that insufficient input sanitising in KMail's\nplain text viewer allowed the injection of HTML code.", "edition": 25, "cvss3": {"score": 7.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2016-10-24T00:00:00", "title": "Debian DSA-3697-1 : kdepimlibs - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7966"], "modified": "2016-10-24T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:kdepimlibs"], "id": "DEBIAN_DSA-3697.NASL", "href": "https://www.tenable.com/plugins/nessus/94205", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3697. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94205);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7966\");\n script_xref(name:\"DSA\", value:\"3697\");\n\n script_name(english:\"Debian DSA-3697-1 : kdepimlibs - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Roland Tapken discovered that insufficient input sanitising in KMail's\nplain text viewer allowed the injection of HTML code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/kdepimlibs\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3697\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kdepimlibs packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 4:4.14.2-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdepimlibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"kdepimlibs-dbg\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdepimlibs-kio-plugins\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kdepimlibs5-dev\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-calendar4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-contact4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-kabc4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-kcal4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-kde4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-kmime4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-notes4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-socialutils4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libakonadi-xml4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgpgme++2\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkabc4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkalarmcal2\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkblog4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkcal4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkcalcore4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkcalutils4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkholidays4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkimap4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkldap4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkmbox4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkmime4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkontactinterface4a\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkpimidentities4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkpimtextedit4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkpimutils4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkresources4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libktnef4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libkxmlrpcclient4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmailtransport4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmicroblog4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqgpgme1\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsyndication4\", reference:\"4:4.14.2-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:29:21", "description": "This update for kcoreaddons fixes the following issues :\n\n - CVE-2016-7966: HTML injection in plain text viewer\n (boo#1002977)", "edition": 20, "cvss3": {"score": 7.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2016-10-19T00:00:00", "title": "openSUSE Security Update : kcoreaddons (openSUSE-2016-1200)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7966"], "modified": "2016-10-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libKF5CoreAddons5", "p-cpe:/a:novell:opensuse:libKF5CoreAddons5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libKF5CoreAddons5-32bit", "cpe:/o:novell:opensuse:42.1", "p-cpe:/a:novell:opensuse:kcoreaddons-devel-32bit", "p-cpe:/a:novell:opensuse:kcoreaddons", "p-cpe:/a:novell:opensuse:kcoreaddons-devel", "p-cpe:/a:novell:opensuse:libKF5CoreAddons5-debuginfo", "p-cpe:/a:novell:opensuse:kcoreaddons-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:kcoreaddons-debugsource", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:kcoreaddons-devel-debuginfo", "p-cpe:/a:novell:opensuse:kcoreaddons-lang"], "id": "OPENSUSE-2016-1200.NASL", "href": "https://www.tenable.com/plugins/nessus/94128", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1200.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94128);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-7966\");\n\n script_name(english:\"openSUSE Security Update : kcoreaddons (openSUSE-2016-1200)\");\n script_summary(english:\"Check for the openSUSE-2016-1200 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for kcoreaddons fixes the following issues :\n\n - CVE-2016-7966: HTML injection in plain text viewer\n (boo#1002977)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002977\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kcoreaddons packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kcoreaddons-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5CoreAddons5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5CoreAddons5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5CoreAddons5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libKF5CoreAddons5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kcoreaddons-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kcoreaddons-debugsource-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kcoreaddons-devel-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kcoreaddons-devel-debuginfo-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kcoreaddons-lang-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libKF5CoreAddons5-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libKF5CoreAddons5-debuginfo-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kcoreaddons-devel-32bit-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kcoreaddons-devel-debuginfo-32bit-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libKF5CoreAddons5-32bit-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libKF5CoreAddons5-debuginfo-32bit-5.11.0-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kcoreaddons-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kcoreaddons-debugsource-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kcoreaddons-devel-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kcoreaddons-devel-debuginfo-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"kcoreaddons-lang-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libKF5CoreAddons5-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libKF5CoreAddons5-debuginfo-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kcoreaddons-devel-32bit-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"kcoreaddons-devel-debuginfo-32bit-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libKF5CoreAddons5-32bit-5.21.0-18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libKF5CoreAddons5-debuginfo-32bit-5.21.0-18.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kcoreaddons / kcoreaddons-debugsource / kcoreaddons-devel-32bit / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:15:04", "description": "the new package fixes the CVE-2016-7966. for more info please take a\nlook at https://www.kde.org/info/security/advisory-20161006-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 20, "cvss3": {"score": 7.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2016-11-14T00:00:00", "title": "Fedora 23 : kdepimlibs (2016-f7a079f775)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7966"], "modified": "2016-11-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kdepimlibs", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-F7A079F775.NASL", "href": "https://www.tenable.com/plugins/nessus/94750", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-f7a079f775.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94750);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7966\");\n script_xref(name:\"FEDORA\", value:\"2016-f7a079f775\");\n\n script_name(english:\"Fedora 23 : kdepimlibs (2016-f7a079f775)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"the new package fixes the CVE-2016-7966. for more info please take a\nlook at https://www.kde.org/info/security/advisory-20161006-1.txt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-f7a079f775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kde.org/info/security/advisory-20161006-1.txt\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdepimlibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdepimlibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kdepimlibs-4.14.10-15.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdepimlibs\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:35:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310809993", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809993", "type": "openvas", "title": "Fedora Update for kf5-mailimporter FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-mailimporter FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809993\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:28 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-mailimporter FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-mailimporter'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-mailimporter on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RXQTNHH6KWKDNVMFH2VBDYR4DTY377AT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-mailimporter\", rpm:\"kf5-mailimporter~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310810108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810108", "type": "openvas", "title": "Fedora Update for kf5-kontactinterface FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kontactinterface FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810108\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:29 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kontactinterface FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kontactinterface'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kontactinterface on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFNR64APGDBFHHOLXJ6R77A4RUQQR7PR\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kontactinterface\", rpm:\"kf5-kontactinterface~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310810117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810117", "type": "openvas", "title": "Fedora Update for kf5-kcalendarutils FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kcalendarutils FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810117\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:25 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kcalendarutils FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kcalendarutils'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kcalendarutils on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNDWDPY7CBQLONKPO44K2DE737WP2A2D\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kcalendarutils\", rpm:\"kf5-kcalendarutils~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310810114", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810114", "type": "openvas", "title": "Fedora Update for kf5-kdgantt2 FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kdgantt2 FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810114\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:37 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kdgantt2 FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kdgantt2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kdgantt2 on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQFZWU3ZCECWCZDR6H7MABX2NKCM4NXP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kdgantt2\", rpm:\"kf5-kdgantt2~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310809986", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809986", "type": "openvas", "title": "Fedora Update for kf5-eventviews FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-eventviews FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809986\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:42 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-eventviews FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-eventviews'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-eventviews on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ZCXB3JJIJX5LZRH7QVFXYLGOUFYYWQA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-eventviews\", rpm:\"kf5-eventviews~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310809995", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809995", "type": "openvas", "title": "Fedora Update for kf5-akonadi-contacts FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-akonadi-contacts FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809995\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:51 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-akonadi-contacts FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-akonadi-contacts'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-akonadi-contacts on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU6YJLGMAWBUIB7SB6CP7MKPNANQ6SIN\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-akonadi-contacts\", rpm:\"kf5-akonadi-contacts~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310810121", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810121", "type": "openvas", "title": "Fedora Update for kf5-kalarmcal FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-kalarmcal FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810121\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:20 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-kalarmcal FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-kalarmcal'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-kalarmcal on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS62PXD7JXFPAVGISJONI6IEXZA2VDZ4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-kalarmcal\", rpm:\"kf5-kalarmcal~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310810102", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810102", "type": "openvas", "title": "Fedora Update for kf5-akonadi-notes FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-akonadi-notes FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810102\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:22 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-akonadi-notes FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-akonadi-notes'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-akonadi-notes on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLVGSMCSPXNU2JUUHFZXYOJP6565NF5X\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-akonadi-notes\", rpm:\"kf5-akonadi-notes~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310809997", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809997", "type": "openvas", "title": "Fedora Update for kf5-libgravatar FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-libgravatar FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809997\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:30 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-libgravatar FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-libgravatar'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-libgravatar on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHJHYLAW26FRIYDZXDMBHO7I6CX7KY6L\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-libgravatar\", rpm:\"kf5-libgravatar~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7968", "CVE-2016-7967", "CVE-2016-7966"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-11-14T00:00:00", "id": "OPENVAS:1361412562310809994", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809994", "type": "openvas", "title": "Fedora Update for kf5-messagelib FEDORA-2016-1b042a79bd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kf5-messagelib FEDORA-2016-1b042a79bd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809994\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 17:59:38 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-7967\", \"CVE-2016-7966\", \"CVE-2016-7968\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kf5-messagelib FEDORA-2016-1b042a79bd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kf5-messagelib'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kf5-messagelib on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-1b042a79bd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUGZPJPLJPIWXIAJ3NO77NA3LAYR2ONH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kf5-messagelib\", rpm:\"kf5-messagelib~16.08.2~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:45", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7967", "CVE-2016-7968"], "description": "Arch Linux Security Advisory ASA-201610-5\n=========================================\n\nSeverity: Medium\nDate : 2016-10-07\nCVE-ID : CVE-2016-7967 CVE-2016-7968\nPackage : messagelib\nType : multiple issues\nRemote : Yes\nLink : https://wiki.archlinux.org/index.php/CVE\n\nSummary\n=======\n\nThe package messagelib before version 16.08.1-2 is vulnerable to\nmultiple issues including cross-site scripting and insufficient\nvalidation.\n\nResolution\n==========\n\nUpgrade to 16.08.1-2.\n\n# pacman -Syu \"messagelib>=16.08.1-2\"\n\nThe problems have been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2016-7967 (cross-site scripting)\n\nKMail since version 5.3.0 used a QWebEngine based viewer that had\nJavaScript enabled. Since the generated html is executed in the local\nfile security context by default access to remote and local URLs was\nenabled.\n\n- CVE-2016-7968 (insufficient validation)\n\nKMail since version 5.3.0 used a QWebEngine based viewer that had\nJavaScript enabled. HTML Mail contents were not sanitized for\nJavaScript and included code was executed.\n\nImpact\n======\n\nAn attacker is able to access local or remote urls via injected\njavascript.\n\nReferences\n==========\n\nhttps://www.kde.org/info/security/advisory-20161006-1.txt\nhttps://www.kde.org/info/security/advisory-20161006-3.txt\nhttp://seclists.org/oss-sec/2016/q4/23\nhttps://www.kde.org/info/security/advisory-20161006-2.txt\nhttp://seclists.org/oss-sec/2016/q4/21\nhttps://access.redhat.com/security/cve/CVE-2016-7967\nhttps://access.redhat.com/security/cve/CVE-2016-7968s", "modified": "2016-10-07T00:00:00", "published": "2016-10-07T00:00:00", "id": "ASA-201610-5", "href": "https://security.archlinux.org/ASA-201610-5", "type": "archlinux", "title": "[ASA-201610-5] messagelib: multiple issues", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-22T18:36:45", "bulletinFamily": "unix", "cvelist": ["CVE-2016-7966"], "description": "Arch Linux Security Advisory ASA-201610-4\n=========================================\n\nSeverity: Medium\nDate : 2016-10-07\nCVE-ID : CVE-2016-7966\nPackage : kcoreaddons\nType : insufficient validation\nRemote : Yes\nLink : https://wiki.archlinux.org/index.php/CVE\n\nSummary\n=======\n\nThe package kcoreaddons before version 5.26.0-2 is vulnerable to\ninsufficient validation.\n\nResolution\n==========\n\nUpgrade to 5.26.0-2.\n\n# pacman -Syu \"kcoreaddons>=5.26.0-2\"\n\nThe problem has been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nThrough a malicious URL that contained a quote character it was\npossible to inject HTML code in KMail's plain text viewer. Due to the\nparser used on the URL it was not possible to include the equal sign\n(=) or a space into the injected HTML, which greatly reduces the\navailable HTML functionality. Although it is possible to include an\nHTML comment indicator to hide content.\n\nImpact\n======\n\nA remote attacker is able to inject HTML code in KMail's plain text\nviewer.\n\nReferences\n==========\n\nhttps://www.kde.org/info/security/advisory-20161006-1.txt\nhttp://seclists.org/oss-sec/2016/q4/23\nhttps://access.redhat.com/security/cve/CVE-2016-7966", "modified": "2016-10-07T00:00:00", "published": "2016-10-07T00:00:00", "id": "ASA-201610-4", "href": "https://security.archlinux.org/ASA-201610-4", "type": "archlinux", "title": "[ASA-201610-4] kcoreaddons: insufficient validation", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
