{"kaspersky": [{"lastseen": "2018-09-13T06:47:31", "references": [], "description": "### *CVSS*:\n9.3\n\n### *Detect date*:\n05/22/2013\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. \nBelow is a complete list of vulnerabilities\n\n### *Affected products*:\nApple iTunes versions 11.0.2 and earlier\n\n### *Solution*:\nUpdate to latest version \n[iTunew](<https://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[Apple bulletin](<http://support.apple.com/kb/HT5766>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2013-0992](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0992>) \n[CVE-2013-0999](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0999>) \n[CVE-2013-0993](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0993>) \n[CVE-2013-1014](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1014>) \n[CVE-2013-1006](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1006>) \n[CVE-2013-0991](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0991>) \n[CVE-2013-1001](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1001>) \n[CVE-2013-0997](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0997>) \n[CVE-2013-1003](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1003>) \n[CVE-2013-1008](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1008>) \n[CVE-2013-0996](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0996>) \n[CVE-2013-0998](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0998>) \n[CVE-2013-0995](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0995>) \n[CVE-2013-1002](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1002>) \n[CVE-2013-0994](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0994>) \n[CVE-2013-1005](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1005>) \n[CVE-2013-1004](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1004>) \n[CVE-2013-1010](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1010>) \n[CVE-2013-1011](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1011>) \n[CVE-2013-1007](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1007>) \n[CVE-2013-1000](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1000>)", "edition": 13, "reporter": "Kaspersky Lab", "published": "2013-05-22T00:00:00", "title": "\r KLA10076Multiple vulnerabilities in Apple iTunes ", "type": "kaspersky", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "info", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999"], "modified": "2018-09-10T00:00:00", "id": "KLA10076", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10076", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-02T21:11:12", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00000.html", "http://support.apple.com/kb/HT5766", "http://secunia.com/advisories/53471"], "pluginID": "803807", "description": "This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999"], "modified": "2017-05-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803807", "id": "OPENVAS:803807", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_jun13_macosx.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.\n Impact Level: System/Application\";\n\ntag_summary = \"This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.\";\ntag_solution = \"Upgrade to version 11.0.3 or later,\n For updates refer to http://www.apple.com/itunes/download\";\ntag_insight = \"Multiple flaws due to\n - Improper validation of SSL certificates.\n - Integer overflow error within the 'string.replace()' method.\n - Some vulnerabilities are due to a bundled vulnerable version of WebKit.\n - Array indexing error when handling JSArray objects.\n - Boundary error within the 'string.concat()' method.\";\ntag_affected = \"Apple iTunes before 11.0.3 on Mac OS X\";\n\nif(description)\n{\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_id(803807);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2013-1014\", \"CVE-2013-1011\", \"CVE-2013-1010\", \"CVE-2013-1008\",\n \"CVE-2013-1007\", \"CVE-2013-1006\", \"CVE-2013-1005\", \"CVE-2013-1004\",\n \"CVE-2013-1003\", \"CVE-2013-1002\", \"CVE-2013-1001\", \"CVE-2013-1000\",\n \"CVE-2013-0999\", \"CVE-2013-0998\", \"CVE-2013-0997\", \"CVE-2013-0996\",\n \"CVE-2013-0995\", \"CVE-2013-0994\", \"CVE-2013-0993\", \"CVE-2013-0992\",\n \"CVE-2013-0991\");\n script_bugtraq_id(59941, 59974, 59976, 59977, 59970, 59973, 59972, 59971,\n 59967, 59965, 59964, 59963, 59960, 59959, 59958, 59957,\n 59956, 59955, 59954, 59953, 59944);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-06 13:03:34 +0530 (Thu, 06 Jun 2013)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)\");\n\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5766\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/53471\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_itunes_detect_macosx.nasl\");\n script_mandatory_keys(\"Apple/iTunes/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\nituneVer = \"\";\n\n##Get the version from kb\nituneVer= get_kb_item(\"Apple/iTunes/MacOSX/Version\");\nif(!ituneVer){\n exit(0);\n}\n\n## Check for the vulnerable version\nif(version_is_less(version:ituneVer, test_version:\"11.0.3\"))\n{\n security_message(0);\n exit(0);\n}\n\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:38:30", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00000.html", "http://support.apple.com/kb/HT5766", "http://secunia.com/advisories/53471"], "pluginID": "1361412562310803807", "description": "This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-06T00:00:00", "title": "Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803807", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803807", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_jun13_macosx.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.\");\n script_tag(name:\"affected\", value:\"Apple iTunes before 11.0.3 on Mac OS X\");\n script_tag(name:\"insight\", value:\"Multiple flaws due to\n\n - Improper validation of SSL certificates.\n\n - Integer overflow error within the 'string.replace()' method.\n\n - Some vulnerabilities are due to a bundled vulnerable version of WebKit.\n\n - Array indexing error when handling JSArray objects.\n\n - Boundary error within the 'string.concat()' method.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 11.0.3 or later,\n For updates refer to http://www.apple.com/itunes/download\");\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.803807\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2013-1014\", \"CVE-2013-1011\", \"CVE-2013-1010\", \"CVE-2013-1008\",\n \"CVE-2013-1007\", \"CVE-2013-1006\", \"CVE-2013-1005\", \"CVE-2013-1004\",\n \"CVE-2013-1003\", \"CVE-2013-1002\", \"CVE-2013-1001\", \"CVE-2013-1000\",\n \"CVE-2013-0999\", \"CVE-2013-0998\", \"CVE-2013-0997\", \"CVE-2013-0996\",\n \"CVE-2013-0995\", \"CVE-2013-0994\", \"CVE-2013-0993\", \"CVE-2013-0992\",\n \"CVE-2013-0991\");\n script_bugtraq_id(59941, 59974, 59976, 59977, 59970, 59973, 59972, 59971,\n 59967, 59965, 59964, 59963, 59960, 59959, 59958, 59957,\n 59956, 59955, 59954, 59953, 59944);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-06 13:03:34 +0530 (Thu, 06 Jun 2013)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5766\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/53471\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_itunes_detect_macosx.nasl\");\n script_mandatory_keys(\"Apple/iTunes/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nituneVer= get_kb_item(\"Apple/iTunes/MacOSX/Version\");\nif(!ituneVer){\n exit(0);\n}\n\nif(version_is_less(version:ituneVer, test_version:\"11.0.3\"))\n{\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n}\n\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:22:39", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00000.html", "http://support.apple.com/kb/HT5766", "http://secunia.com/advisories/53471"], "pluginID": "803806", "description": "This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.", "edition": 2, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-06T00:00:00", "title": "Apple iTunes Multiple Vulnerabilities - June13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999"], "modified": "2017-12-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803806", "id": "OPENVAS:803806", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_jun13_win.nasl 8169 2017-12-19 08:42:31Z cfischer $\n#\n# Apple iTunes Multiple Vulnerabilities - June13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.\n Impact Level: System/Application\";\n\ntag_affected = \"Apple iTunes before 11.0.3 on Windows\";\ntag_insight = \"Multiple flaws due to\n - Improper validation of SSL certificates.\n - Integer overflow error within the 'string.replace()' method.\n - Some vulnerabilities are due to a bundled vulnerable version of WebKit.\n - Array indexing error when handling JSArray objects.\n - Boundary error within the 'string.concat()' method.\";\ntag_solution = \"Upgrade to version 11.0.3 or later,\n For updates refer to http://www.apple.com/itunes/download\";\ntag_summary = \"This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(803806);\n script_version(\"$Revision: 8169 $\");\n script_cve_id(\"CVE-2013-1014\", \"CVE-2013-1011\", \"CVE-2013-1010\", \"CVE-2013-1008\",\n \"CVE-2013-1007\", \"CVE-2013-1006\", \"CVE-2013-1005\", \"CVE-2013-1004\",\n \"CVE-2013-1003\", \"CVE-2013-1002\", \"CVE-2013-1001\", \"CVE-2013-1000\",\n \"CVE-2013-0999\", \"CVE-2013-0998\", \"CVE-2013-0997\", \"CVE-2013-0996\",\n \"CVE-2013-0995\", \"CVE-2013-0994\", \"CVE-2013-0993\", \"CVE-2013-0992\",\n \"CVE-2013-0991\");\n script_bugtraq_id(59941, 59974, 59976, 59977, 59970, 59973, 59972, 59971,\n 59967, 59965, 59964, 59963, 59960, 59959, 59958, 59957,\n 59956, 59955, 59954, 59953, 59944);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 09:42:31 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-06 13:03:34 +0530 (Thu, 06 Jun 2013)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities - June13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5766\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/53471\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\n## Check for the vulnerable version\nif( version_is_less( version:vers, test_version:\"11.0.3\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"11.0.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:38:14", "references": ["http://lists.apple.com/archives/security-announce/2013/May/msg00000.html", "http://support.apple.com/kb/HT5766", "http://secunia.com/advisories/53471"], "pluginID": "1361412562310803806", "description": "This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-06-06T00:00:00", "title": "Apple iTunes Multiple Vulnerabilities - June13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803806", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803806", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_itunes_mult_vuln_jun13_win.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Apple iTunes Multiple Vulnerabilities - June13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803806\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2013-1014\", \"CVE-2013-1011\", \"CVE-2013-1010\", \"CVE-2013-1008\",\n \"CVE-2013-1007\", \"CVE-2013-1006\", \"CVE-2013-1005\", \"CVE-2013-1004\",\n \"CVE-2013-1003\", \"CVE-2013-1002\", \"CVE-2013-1001\", \"CVE-2013-1000\",\n \"CVE-2013-0999\", \"CVE-2013-0998\", \"CVE-2013-0997\", \"CVE-2013-0996\",\n \"CVE-2013-0995\", \"CVE-2013-0994\", \"CVE-2013-0993\", \"CVE-2013-0992\",\n \"CVE-2013-0991\");\n script_bugtraq_id(59941, 59974, 59976, 59977, 59970, 59973, 59972, 59971,\n 59967, 59965, 59964, 59963, 59960, 59959, 59958, 59957,\n 59956, 59955, 59954, 59953, 59944);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-06 13:03:34 +0530 (Thu, 06 Jun 2013)\");\n script_name(\"Apple iTunes Multiple Vulnerabilities - June13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5766\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/53471\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.\");\n script_tag(name:\"affected\", value:\"Apple iTunes before 11.0.3 on Windows\");\n script_tag(name:\"insight\", value:\"Multiple flaws due to\n\n - Improper validation of SSL certificates.\n\n - Integer overflow error within the 'string.replace()' method.\n\n - Some vulnerabilities are due to a bundled vulnerable version of WebKit.\n\n - Array indexing error when handling JSArray objects.\n\n - Boundary error within the 'string.concat()' method.\");\n script_tag(name:\"solution\", value:\"Upgrade to version 11.0.3 or later,\n For updates refer to http://www.apple.com/itunes/download\");\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes and is prone to\n multiple vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less( version:vers, test_version:\"11.0.3\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"11.0.3\", install_path:path );\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:20", "references": ["http://www.vmware.com/security/advisories/VMSA-2013-0001.html"], "pluginID": "103655", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG \nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a \nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network. \n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5 \n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2 \n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. \n\nSolution\nApply the missing patch(es).", "edition": 1, "reporter": "This script is Copyright (C) 2012 Greenbone Networks GmbH", "published": "2013-02-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries", "type": "openvas", "naslFamily": "VMware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2017-05-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=103655", "id": "OPENVAS:103655", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2013-0001.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG \nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a \nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network. \n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5 \n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2 \n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. \n\nSolution\nApply the missing patch(es).\";\n\n\nif (description)\n{\n script_id(103655);\n script_cve_id(\"CVE-2013-1405\", \"CVE-2011-3102\", \"CVE-2012-2807\", \"CVE-2012-4244\", \"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 6104 $\");\n script_name(\"VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:02:01 +0100 (Mon, 04 Feb 2013)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.vmware.com/security/advisories/VMSA-2013-0001.html\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201301401-SG\",\n \"4.0.0\",\"ESXi400-201302403-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:18", "references": ["http://www.vmware.com/security/advisories/VMSA-2013-0001.html"], "pluginID": "1361412562310103655", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG\nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a\nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network.\n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5\n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2\n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues.\n\nSolution\nApply the missing patch(es).", "edition": 4, "reporter": "This script is Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-04T00:00:00", "title": "VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "VMware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2018-08-24T00:00:00", "id": "OPENVAS:1361412562310103655", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103655", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2013-0001.nasl 11103 2018-08-24 10:37:26Z mmartin $\n#\n# VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103655\");\n script_cve_id(\"CVE-2013-1405\", \"CVE-2011-3102\", \"CVE-2012-2807\", \"CVE-2012-4244\", \"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 11103 $\");\n script_name(\"VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-08-24 12:37:26 +0200 (Fri, 24 Aug 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:02:01 +0100 (Mon, 04 Feb 2013)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2013 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG\nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a\nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network.\n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5\n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2\n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues.\n\nSolution\nApply the missing patch(es).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0001.html\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201301401-SG\",\n \"4.0.0\",\"ESXi400-201302403-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:55", "references": ["http://linux.oracle.com/errata/ELSA-2012-1265.html"], "pluginID": "1361412562310123820", "description": "Oracle Linux Local Security Checks ELSA-2012-1265", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-10-06T00:00:00", "title": "Oracle Linux Local Check: ELSA-2012-1265", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:1361412562310123820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123820", "sourceData": "# OpenVAS Vulnerability Test \n# Description: Oracle Linux Local Check \n# $Id: ELSA-2012-1265.nasl 6557 2017-07-06 11:55:33Z cfischer $\n \n# Authors: \n# Eero Volotinen <eero.volotinen@solinor.com> \n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.123820\");\nscript_version(\"$Revision: 6557 $\");\nscript_tag(name:\"creation_date\", value:\"2015-10-06 14:08:59 +0300 (Tue, 06 Oct 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 13:55:33 +0200 (Thu, 06 Jul 2017) $\");\nscript_name(\"Oracle Linux Local Check: ELSA-2012-1265\");\nscript_tag(name: \"insight\", value: \"ELSA-2012-1265 - libxslt security update - [1.1.26-2.0.2.el6_3.1]- Increment release to avoid ULN conflict with previous release.[1.1.26-2.0.1.el6_3.1]- Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball[1.1.26-2.el6_3.1]- fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870- Fix direct pattern matching bug- Fix popping of vars in xsltCompilerNodePop- Fix bug 602515- Fix generate-id() to not expose object addresses (CVE-2011-1202)- Fix some case of pattern parsing errors (CVE-2011-3970)- Fix a bug in selecting XSLT elements (CVE-2012-2825)- Fix portability to upcoming libxml2-2.9.0- Fix default template processing on namespace nodes (CVE-2012-2871)- Cleanup of the pattern compilation code (CVE-2012-2870)- Hardening of code checking node types in various entry point (CVE-2012-2870)- Hardening of code checking node types in EXSLT (CVE-2012-2870)- Fix system-property with unknown namespace- Xsltproc should return an error code if xinclude fails- Fix a dictionary string usage- Avoid a heap use after free error\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_tag(name : \"summary\", value : \"Oracle Linux Local Security Checks ELSA-2012-1265\");\nscript_xref(name : \"URL\" , value : \"http://linux.oracle.com/errata/ELSA-2012-1265.html\");\nscript_cve_id(\"CVE-2011-1202\",\"CVE-2011-3970\",\"CVE-2012-2825\",\"CVE-2012-2870\",\"CVE-2012-2871\");\nscript_tag(name:\"cvss_base\", value:\"6.8\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\");\nscript_category(ACT_GATHER_INFO);\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Oracle Linux Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\nrelease = get_kb_item(\"ssh/login/release\");\nres = \"\";\nif(release == NULL)\n{\n exit(0);\n}\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0); \n }\n\n}\nif (__pkg_match) exit(99); #Not vulnerable\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:01:35", "references": ["https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html", "2012:1265-01"], "pluginID": "1361412562310870826", "description": "Check for the Version of libxslt", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-09-17T00:00:00", "title": "RedHat Update for libxslt RHSA-2012:1265-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870826", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxslt RHSA-2012:1265-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870826\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:40:43 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\",\n \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1265-01\");\n script_name(\"RedHat Update for libxslt RHSA-2012:1265-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:57:00", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html", "2012-14048"], "pluginID": "864756", "description": "Check for the Version of libxslt", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-10-03T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for libxslt FEDORA-2012-14048", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-01-03T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=864756", "id": "OPENVAS:864756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libxslt on Fedora 16\";\ntag_insight = \"This C library allows to transform XML files into other XML files\n (or HTML, text, ...) using the standard XSLT stylesheet transformation\n mechanism. To use it you need to have a version of libxml2 >= 2.6.27\n installed. The xsltproc command is a command line interface to the XSLT engine\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html\");\n script_id(864756);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:18:51 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-14048\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14048\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:59:57", "references": ["2012:1265", "http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html"], "pluginID": "1361412562310881494", "description": "Check for the Version of libxslt", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-09-17T00:00:00", "title": "CentOS Update for libxslt CESA-2012:1265 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310881494", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n \n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n \n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n \n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881494\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:53 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\",\n \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:47:45", "references": ["http://support.apple.com/kb/HT6001", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"], "pluginID": "70588", "description": "The version of Apple iTunes installed on the remote Windows host is older than 11.1.2. It is, therefore, potentially affected by several issues :\n\n - An uninitialized memory access issue exists in the handling of text tracks, which could lead to memory corruption and possibly arbitrary code execution.\n (CVE-2013-1024)\n\n - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the 'iTunes Store'.\n (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)", "edition": 5, "reporter": "Tenable", "published": "2013-10-24T00:00:00", "title": "Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2013-1024"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_11_1_2.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70588", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70588);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2011-3102\",\n \"CVE-2012-0841\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-5134\",\n \"CVE-2013-1024\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\"\n );\n script_bugtraq_id(\n 52107,\n 53540,\n 54203,\n 54718,\n 55331,\n 56684,\n 60067,\n 60368,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-10-22-8\");\n\n script_name(english:\"Apple iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks version of iTunes on Windows\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains an application that has multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple iTunes installed on the remote Windows host is\nolder than 11.1.2. It is, therefore, potentially affected by several\nissues :\n\n - An uninitialized memory access issue exists in the\n handling of text tracks, which could lead to memory\n corruption and possibly arbitrary code execution.\n (CVE-2013-1024)\n\n - The included versions of WebKit, libxml, and libxslt\n contain several errors that could lead to memory\n corruption and possibly arbitrary code execution. The\n vendor notes that one possible attack vector is a\n man-in-the-middle attack while the application browses\n the 'iTunes Store'.\n (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807,\n CVE-2012-2825, CVE-2012-2870, CVE-2012-2871,\n CVE-2012-5134, CVE-2013-1037, CVE-2013-1038,\n CVE-2013-1039, CVE-2013-1040, CVE-2013-1041,\n CVE-2013-1042, CVE-2013-1043, CVE-2013-1044,\n CVE-2013-1045, CVE-2013-1046, CVE-2013-1047,\n CVE-2013-2842, CVE-2013-5125, CVE-2013-5126,\n CVE-2013-5127, CVE-2013-5128)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6001\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"SMB/iTunes/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"SMB/iTunes/Version\");\nfixed_version = \"11.1.2.31\";\npath = get_kb_item_or_exit(\"SMB/iTunes/Path\");\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : '+fixed_version+'\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:47:23", "references": ["http://support.apple.com/kb/HT6001", "http://www.securityfocus.com/archive/1/530870/30/0/threaded"], "pluginID": "72104", "description": "The version of Apple iTunes installed on the remote Windows host is older than 11.1.4. It is, therefore, potentially affected by several issues :\n\n - The included versions of WebKit, libxml, and libxslt contain several errors that could lead to memory corruption and possibly arbitrary code execution. The vendor notes that one possible attack vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An error exists related to text tracks in movie files that could allow denial of service or arbitrary code execution. (CVE-2013-1024)\n\n - An error exists related to the iTunes Tutorials window that could allow an attacker in a privileged network location to inject content. (CVE-2014-1242)", "edition": 5, "reporter": "Tenable", "published": "2014-01-23T00:00:00", "title": "Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2014-1242", "CVE-2013-1024"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_11_1_4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72104", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72104);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/12 19:01:17\");\n\n script_cve_id(\n \"CVE-2011-3102\",\n \"CVE-2012-0841\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-5134\",\n \"CVE-2013-1024\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\",\n \"CVE-2014-1242\"\n );\n script_bugtraq_id(\n 52107,\n 53540,\n 54203,\n 54718,\n 55331,\n 56684,\n 60067,\n 60368,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571,\n 65088\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-01-22-1\");\n\n script_name(english:\"Apple iTunes < 11.1.4 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks version of iTunes on Windows\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains an application that has multiple\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple iTunes installed on the remote Windows host is\nolder than 11.1.4. It is, therefore, potentially affected by several\nissues :\n\n - The included versions of WebKit, libxml, and libxslt\n contain several errors that could lead to memory\n corruption and possibly arbitrary code execution. The\n vendor notes that one possible attack vector is a\n man-in-the-middle attack while the application browses\n the 'iTunes Store'. (CVE-2011-3102, CVE-2012-0841,\n CVE-2012-2807, CVE-2012-2825, CVE-2012-2870,\n CVE-2012-2871, CVE-2012-5134, CVE-2013-1037,\n CVE-2013-1038, CVE-2013-1039, CVE-2013-1040,\n CVE-2013-1041, CVE-2013-1042, CVE-2013-1043,\n CVE-2013-1044, CVE-2013-1045, CVE-2013-1046,\n CVE-2013-1047, CVE-2013-2842, CVE-2013-5125,\n CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An error exists related to text tracks in movie files\n that could allow denial of service or arbitrary code\n execution. (CVE-2013-1024)\n\n - An error exists related to the iTunes Tutorials window\n that could allow an attacker in a privileged network\n location to inject content. (CVE-2014-1242)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6001\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/530870/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"SMB/iTunes/Version\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"SMB/iTunes/Version\");\npath = get_kb_item_or_exit(\"SMB/iTunes/Path\");\n\nfixed_version = \"11.1.4.62\";\nif (ver_compare(ver:version, fix:fixed_version) < 0)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : '+path+\n '\\n Installed version : '+version+\n '\\n Fixed version : '+fixed_version+'\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"iTunes\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:11", "references": ["http://support.apple.com/kb/HT6001", "http://www.securityfocus.com/archive/1/530870/30/0/threaded"], "pluginID": "72105", "description": "The version of Apple iTunes on the remote host is prior to version 11.1.4. It is, therefore, affected by multiple vulnerabilities :\n\n - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution.\n The vendor states that one possible vector is a man-in- the-middle attack while the application browses the 'iTunes Store'. Please note that these vulnerabilities only affect the application when it is running on a Windows host. (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a denial of service or execute arbitrary code.\n (CVE-2013-1024)\n\n - An error exists related to the iTunes Tutorials window that can allow an attacker in a privileged network location to inject content. Note that this vulnerability only affects the application installed on a Mac OS X host. (CVE-2014-1242)", "edition": 5, "reporter": "Tenable", "published": "2014-01-23T00:00:00", "title": "Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Peer-To-Peer File Sharing", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2014-1242", "CVE-2013-1024"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_11_1_4_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72105);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2011-3102\",\n \"CVE-2012-0841\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-5134\",\n \"CVE-2013-1024\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\",\n \"CVE-2014-1242\"\n );\n script_bugtraq_id(\n 52107,\n 53540,\n 54203,\n 54718,\n 55331,\n 56684,\n 60067,\n 60368,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571,\n 65088\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-01-22-1\");\n\n script_name(english:\"Apple iTunes < 11.1.4 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a multimedia application that has multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n11.1.4. It is, therefore, affected by multiple vulnerabilities :\n\n - The included versions of the WebKit, libxml, and libxslt\n components in iTunes contain several errors that can\n lead to memory corruption and arbitrary code execution.\n The vendor states that one possible vector is a man-in-\n the-middle attack while the application browses the\n 'iTunes Store'. Please note that these vulnerabilities\n only affect the application when it is running on a\n Windows host. (CVE-2011-3102, CVE-2012-0841,\n CVE-2012-2807, CVE-2012-2825, CVE-2012-2870,\n CVE-2012-2871, CVE-2012-5134, CVE-2013-1037,\n CVE-2013-1038, CVE-2013-1039, CVE-2013-1040,\n CVE-2013-1041, CVE-2013-1042, CVE-2013-1043,\n CVE-2013-1044, CVE-2013-1045, CVE-2013-1046,\n CVE-2013-1047, CVE-2013-2842, CVE-2013-5125,\n CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An uninitialized memory access error exists in the\n handling of text tracks. By using a specially crafted\n movie file, a remote attacker can exploit this to cause\n a denial of service or execute arbitrary code.\n (CVE-2013-1024)\n\n - An error exists related to the iTunes Tutorials window\n that can allow an attacker in a privileged network\n location to inject content. Note that this vulnerability\n only affects the application installed on a Mac OS X\n host. (CVE-2014-1242)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6001\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/530870/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_LISTEN_NOT_VULN, \"iTunes on AppleTV\", port, version);\n\nfixed_version = \"11.1.4\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:41", "references": ["http://www.nessus.org/u?c88f1609", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"], "pluginID": "70589", "description": "The version of Apple iTunes on the remote host is prior to version 11.1.2. It is, therefore, affected by multiple vulnerabilities :\n\n - An uninitialized memory access error exists in the handling of text tracks. By using a specially crafted movie file, a remote attacker can exploit this to cause a denial of service or execute arbitrary code.\n (CVE-2013-1024)\n\n - The included versions of the WebKit, libxml, and libxslt components in iTunes contain several errors that can lead to memory corruption and arbitrary code execution.\n The vendor states that one possible vector is a man-in- the-middle attack while the application browses the 'iTunes Store'.\n (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)", "edition": 5, "reporter": "Tenable", "published": "2013-10-24T00:00:00", "title": "Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Peer-To-Peer File Sharing", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2013-1024"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_11_1_2_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70589", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70589);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\n \"CVE-2011-3102\",\n \"CVE-2012-0841\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-5134\",\n \"CVE-2013-1024\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\"\n );\n script_bugtraq_id(\n 52107,\n 53540,\n 54203,\n 54718,\n 55331,\n 56684,\n 60067,\n 60368,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-10-22-8\");\n\n script_name(english:\"Apple iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a multimedia application that has multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n11.1.2. It is, therefore, affected by multiple vulnerabilities :\n\n - An uninitialized memory access error exists in the\n handling of text tracks. By using a specially crafted\n movie file, a remote attacker can exploit this to cause\n a denial of service or execute arbitrary code.\n (CVE-2013-1024)\n\n - The included versions of the WebKit, libxml, and libxslt\n components in iTunes contain several errors that can\n lead to memory corruption and arbitrary code execution.\n The vendor states that one possible vector is a man-in-\n the-middle attack while the application browses the\n 'iTunes Store'.\n (CVE-2011-3102, CVE-2012-0841, CVE-2012-2807,\n CVE-2012-2825, CVE-2012-2870, CVE-2012-2871,\n CVE-2012-5134, CVE-2013-1037, CVE-2013-1038,\n CVE-2013-1039, CVE-2013-1040, CVE-2013-1041,\n CVE-2013-1042, CVE-2013-1043, CVE-2013-1044,\n CVE-2013-1045, CVE-2013-1046, CVE-2013-1047,\n CVE-2013-2842, CVE-2013-5125, CVE-2013-5126,\n CVE-2013-5127, CVE-2013-5128)\");\n # script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6001\");\n # https://web.archive.org/web/20131026094619/http://support.apple.com/kb/HT6001\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c88f1609\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"11.1.2\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:04:55", "references": ["http://lists.apple.com/archives/security-announce/2013/Sep/msg00008.html", "http://support.apple.com/kb/HT5935", "http://www.securityfocus.com/archive/1/528762/30/0/threaded"], "pluginID": "70257", "description": "According to its banner, the remote Apple TV 2nd generation or later device is prior to 6.0. It is, therefore, reportedly affected by multiple vulnerabilities, the most serious issues of which could result in arbitrary code execution.", "edition": 5, "reporter": "Tenable", "published": "2013-10-01T00:00:00", "title": "Apple TV < 6.0 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Misc.", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1038", "CVE-2013-2842", "CVE-2013-1001", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1000", "CVE-2013-5140", "CVE-2013-1003", "CVE-2013-3954", "CVE-2013-0992", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-0998", "CVE-2013-5126", "CVE-2013-5125", "CVE-2013-1026", "CVE-2013-1004", "CVE-2013-5142", "CVE-2012-2825", "CVE-2013-1019", "CVE-2013-3953", "CVE-2013-1025", "CVE-2013-0879", "CVE-2012-5134", "CVE-2013-0993", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-5145", "CVE-2013-5139", "CVE-2013-0994", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1011", "CVE-2013-5138", "CVE-2013-1037", "CVE-2013-0997", "CVE-2012-2870", "CVE-2013-1010", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-0996", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1006", "CVE-2013-1008", "CVE-2011-2391", "CVE-2013-1047", "CVE-2013-0999", "CVE-2012-2807", "CVE-2013-3950"], "modified": "2018-06-27T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_6_0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70257", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70257);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\n \"CVE-2011-2391\",\n \"CVE-2011-3102\",\n \"CVE-2012-0841\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-5134\",\n \"CVE-2013-0879\",\n \"CVE-2013-0991\",\n \"CVE-2013-0992\",\n \"CVE-2013-0993\",\n \"CVE-2013-0994\",\n \"CVE-2013-0995\",\n \"CVE-2013-0996\",\n \"CVE-2013-0997\",\n \"CVE-2013-0998\",\n \"CVE-2013-0999\",\n \"CVE-2013-1000\",\n \"CVE-2013-1001\",\n \"CVE-2013-1002\",\n \"CVE-2013-1003\",\n \"CVE-2013-1004\",\n \"CVE-2013-1005\",\n \"CVE-2013-1006\",\n \"CVE-2013-1007\",\n \"CVE-2013-1008\",\n \"CVE-2013-1010\",\n \"CVE-2013-1011\",\n \"CVE-2013-1019\",\n \"CVE-2013-1025\",\n \"CVE-2013-1026\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-3950\",\n \"CVE-2013-3953\",\n \"CVE-2013-3954\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\",\n \"CVE-2013-5138\",\n \"CVE-2013-5139\",\n \"CVE-2013-5140\",\n \"CVE-2013-5142\",\n \"CVE-2013-5145\"\n );\n script_bugtraq_id(\n 52107,\n 53540,\n 54203,\n 54718,\n 55331,\n 56684,\n 59326,\n 59944,\n 59953,\n 59954,\n 59955,\n 59956,\n 59957,\n 59958,\n 59959,\n 59960,\n 59963,\n 59964,\n 59965,\n 59967,\n 59970,\n 59971,\n 59972,\n 59973,\n 59974,\n 59976,\n 59977,\n 60067,\n 60102,\n 60437,\n 60441,\n 60444,\n 62368,\n 62369,\n 62520,\n 62522,\n 62524,\n 62529,\n 62531,\n 62536,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-09-20-1\");\n\n script_name(english:\"Apple TV < 6.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version in banner\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is affected by multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its banner, the remote Apple TV 2nd generation or later\ndevice is prior to 6.0. It is, therefore, reportedly affected by\nmultiple vulnerabilities, the most serious issues of which could\nresult in arbitrary code execution.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5935\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00008.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/528762/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple TV 6.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"appletv_detect.nasl\");\n script_require_keys(\"www/appletv\");\n script_require_ports(3689);\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = 3689;\nbanner = get_http_banner(port:port, broken:TRUE, exit_on_fail:TRUE);\nif (\n \"DAAP-Server: iTunes/\" >!< banner &&\n \"RIPT-Server: iTunesLib/\" >!< banner\n) audit(AUDIT_WRONG_WEB_SERVER, port, 'iTunes');\n\npat = \"^DAAP-Server: iTunes/([0-9][0-9.]+)([a-z])([0-9]+) \\((Mac )?OS X\\)\";\nmatches = egrep(pattern:pat, string:banner);\n\nif (\n \"DAAP-Server: iTunes/\" >< banner &&\n isnull(matches)\n) exit(0, \"The web server listening on port \"+port+\" does not appear to be from iTunes on an Apple TV.\");\n\n\nfixed_major = \"11.1\";\nfixed_char = \"b\";\nfixed_minor = \"37\";\n\nreport = \"\";\n\n# Check first for 3rd gen and recent 2nd gen models.\nif (matches)\n{\n foreach line (split(matches, keep:FALSE))\n {\n match = eregmatch(pattern:pat, string:line);\n if (!isnull(match))\n {\n major = match[1];\n char = match[2];\n minor = int(match[3]);\n\n if (\n ver_compare(ver:major, fix:fixed_major, strict:FALSE) < 0 ||\n (\n ver_compare(ver:major, fix:fixed_major, strict:FALSE) == 0 &&\n (\n ord(char) < ord(fixed_char) ||\n (\n ord(char) == ord(fixed_char) &&\n minor < fixed_minor\n )\n )\n )\n )\n {\n report = '\\n Source : ' + line +\n '\\n Installed iTunes version : ' + major + char + minor +\n '\\n Fixed iTunes version : ' + fixed_major + fixed_char + fixed_minor +\n '\\n';\n }\n break;\n }\n }\n}\nelse\n{\n pat2 = \"^RIPT-Server: iTunesLib/([0-9]+)\\.\";\n matches = egrep(pattern:pat2, string:banner);\n if (matches)\n {\n foreach line (split(matches, keep:FALSE))\n {\n match = eregmatch(pattern:pat2, string:line);\n if (!isnull(match))\n {\n major = int(match[1]);\n if (major < 4) exit(0, \"The web server listening on port \"+port+\" is from iTunes on a 1st generation Apple TV, which is no longer supported.\");\n else if (major >= 4 && major <= 9)\n {\n report = '\\n Source : ' + line +\n '\\n';\n }\n break;\n }\n }\n }\n}\n\n\nif (report)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:report);\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:41", "references": ["http://support.apple.com/kb/HT5785", "http://www.zerodayinitiative.com/advisories/ZDI-13-107/", "http://www.zerodayinitiative.com/advisories/ZDI-13-109/", "http://www.securityfocus.com/archive/1/526807/30/0/threaded", "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html", "http://www.zerodayinitiative.com/advisories/ZDI-13-108/"], "pluginID": "66810", "description": "The version of Apple Safari installed on the remote Mac OS X 10.7 or 10.8 host is earlier than 6.0.5. It is, therefore, potentially affected by several issues :\n\n - Multiple memory corruption vulnerabilities exist in WebKit that could lead to unexpected program termination or arbitrary code execution. (CVE-2013-0879 / CVE-2013-0991 / CVE-2013-0992 / CVE-2013-0993 / CVE-2013-0994 / CVE-2013-0995 / CVE-2013-0996 / CVE-2013-0997 / CVE-2013-0998 / CVE-2013-0999 / CVE-2013-1000 / CVE-2013-1001 / CVE-2013-1002 / CVE-2013-1003 / CVE-2013-1004 / CVE-2013-1005 / CVE-2013-1006 / CVE-2013-1007 / CVE-2013-1008 / CVE-2013-1009 / CVE-2013-1010 / CVE-2013-1011 / CVE-2013-1023)\n\n - A cross-site scripting issue exists in WebKit's handling of iframes. (CVE-2013-1012)\n\n - A cross-site scripting issue exists in WebKit's handling of copied and pasted data in HTML documents.\n (CVE-2013-0926)\n\n - In rewriting URLs to prevent cross-site scripting attacks, XSS Auditor could be abused, leading to malicious alteration of the behavior of a form submission. (CVE-2013-1013)", "edition": 5, "reporter": "Tenable", "published": "2013-06-05T00:00:00", "title": "Mac OS X : Apple Safari < 6.0.5 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-1013", "CVE-2013-0879", "CVE-2013-1012", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-1023", "CVE-2013-0991", "CVE-2013-0926", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999", "CVE-2013-1009"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI6_0_5.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66810", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66810);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2013-0879\",\n \"CVE-2013-0926\",\n \"CVE-2013-0991\",\n \"CVE-2013-0992\",\n \"CVE-2013-0993\",\n \"CVE-2013-0994\",\n \"CVE-2013-0995\",\n \"CVE-2013-0996\",\n \"CVE-2013-0997\",\n \"CVE-2013-0998\",\n \"CVE-2013-0999\",\n \"CVE-2013-1000\",\n \"CVE-2013-1001\",\n \"CVE-2013-1002\",\n \"CVE-2013-1003\",\n \"CVE-2013-1004\",\n \"CVE-2013-1005\",\n \"CVE-2013-1006\",\n \"CVE-2013-1007\",\n \"CVE-2013-1008\",\n \"CVE-2013-1009\",\n \"CVE-2013-1010\",\n \"CVE-2013-1011\",\n \"CVE-2013-1012\",\n \"CVE-2013-1013\",\n \"CVE-2013-1023\"\n );\n script_bugtraq_id(\n 58731,\n 59326,\n 59944,\n 59953,\n 59954,\n 59955,\n 59956,\n 59957,\n 59958,\n 59959,\n 59960,\n 59963,\n 59964,\n 59965,\n 59967,\n 59970,\n 59971,\n 59972,\n 59973,\n 59974,\n 59976,\n 59977,\n 60361,\n 60362,\n 60363,\n 60364\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-06-04-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.0.5 Multiple Vulnerabilities\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple Safari installed on the remote Mac OS X 10.7 or\n10.8 host is earlier than 6.0.5. It is, therefore, potentially\naffected by several issues :\n\n - Multiple memory corruption vulnerabilities exist in\n WebKit that could lead to unexpected program termination\n or arbitrary code execution. (CVE-2013-0879 /\n CVE-2013-0991 / CVE-2013-0992 / CVE-2013-0993 /\n CVE-2013-0994 / CVE-2013-0995 / CVE-2013-0996 /\n CVE-2013-0997 / CVE-2013-0998 / CVE-2013-0999 /\n CVE-2013-1000 / CVE-2013-1001 / CVE-2013-1002 /\n CVE-2013-1003 / CVE-2013-1004 / CVE-2013-1005 /\n CVE-2013-1006 / CVE-2013-1007 / CVE-2013-1008 /\n CVE-2013-1009 / CVE-2013-1010 / CVE-2013-1011 /\n CVE-2013-1023)\n\n - A cross-site scripting issue exists in WebKit's handling\n of iframes. (CVE-2013-1012)\n\n - A cross-site scripting issue exists in WebKit's handling\n of copied and pasted data in HTML documents.\n (CVE-2013-0926)\n\n - In rewriting URLs to prevent cross-site scripting\n attacks, XSS Auditor could be abused, leading to\n malicious alteration of the behavior of a form\n submission. (CVE-2013-1013)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-107/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-108/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-109/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5785\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526807/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 6.0.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.[78]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.7 / 10.8\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"6.0.5\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:11:27", "references": ["http://support.apple.com/kb/HT6000", "http://www.securelist.com/en/blog/8168/Loophole_in_Safari", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html"], "pluginID": "70563", "description": "The version of Apple Safari installed on the remote Mac OS X 10.7 or 10.8 host is earlier than 6.1. It is, therefore, potentially affected by several issues :\n\n - A bounds-checking issue exists related to handling XML files. (CVE-2013-1036)\n\n - Multiple memory corruption vulnerabilities exist in WebKit that could lead to unexpected program termination or arbitrary code execution. (CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An error exists related to URL handling that could lead to information disclosure. (CVE-2013-2848)\n\n - A cross-site scripting issue exists in WebKit's handling of URLs and drag-and-drop operations. (CVE-2013-5129, CVE-2013-5131)\n\n - Using 'Web Inspector' could negate 'Private Browsing' protections leading to information disclosure.\n (CVE-2013-5130)\n\n - An error exists related to the 'Reopen All Windows from Last Session' feature that could allow a local attacker to obtain plaintext user ID and password information from the 'LastSession.plist' file.\n (CVE-2013-7127)", "edition": 5, "reporter": "Tenable", "published": "2013-10-23T00:00:00", "title": "Mac OS X : Apple Safari < 6.1 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1045", "CVE-2013-5131", "CVE-2013-1038", "CVE-2013-2842", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2013-2848", "CVE-2013-7127", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1036", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2013-1039", "CVE-2013-5127", "CVE-2013-5129", "CVE-2013-1047", "CVE-2013-5130"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI6_1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=70563", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70563);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2013-1036\",\n \"CVE-2013-1037\",\n \"CVE-2013-1038\",\n \"CVE-2013-1039\",\n \"CVE-2013-1040\",\n \"CVE-2013-1041\",\n \"CVE-2013-1042\",\n \"CVE-2013-1043\",\n \"CVE-2013-1044\",\n \"CVE-2013-1045\",\n \"CVE-2013-1046\",\n \"CVE-2013-1047\",\n \"CVE-2013-2842\",\n \"CVE-2013-2848\",\n \"CVE-2013-5125\",\n \"CVE-2013-5126\",\n \"CVE-2013-5127\",\n \"CVE-2013-5128\",\n \"CVE-2013-5129\",\n \"CVE-2013-5130\",\n \"CVE-2013-5131\",\n \"CVE-2013-7127\"\n );\n script_bugtraq_id(\n 60067,\n 60073,\n# 62490, Retired\n 62537,\n 62539,\n 62541,\n 62551,\n 62553,\n 62554,\n 62556,\n 62557,\n 62558,\n 62559,\n 62560,\n 62563,\n 62565,\n 62567,\n 62568,\n 62569,\n 62570,\n 62571,\n 63289,\n 64409\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2013-10-22-2\");\n\n script_name(english:\"Mac OS X : Apple Safari < 6.1 Multiple Vulnerabilities\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Apple Safari installed on the remote Mac OS X 10.7 or\n10.8 host is earlier than 6.1. It is, therefore, potentially affected\nby several issues :\n\n - A bounds-checking issue exists related to handling XML\n files. (CVE-2013-1036)\n\n - Multiple memory corruption vulnerabilities exist in\n WebKit that could lead to unexpected program termination\n or arbitrary code execution. (CVE-2013-1037,\n CVE-2013-1038, CVE-2013-1039, CVE-2013-1040,\n CVE-2013-1041, CVE-2013-1042, CVE-2013-1043,\n CVE-2013-1044, CVE-2013-1045, CVE-2013-1046,\n CVE-2013-1047, CVE-2013-2842, CVE-2013-5125,\n CVE-2013-5126, CVE-2013-5127, CVE-2013-5128)\n\n - An error exists related to URL handling that could lead\n to information disclosure. (CVE-2013-2848)\n\n - A cross-site scripting issue exists in WebKit's handling\n of URLs and drag-and-drop operations. (CVE-2013-5129,\n CVE-2013-5131)\n\n - Using 'Web Inspector' could negate 'Private Browsing'\n protections leading to information disclosure.\n (CVE-2013-5130)\n\n - An error exists related to the 'Reopen All Windows\n from Last Session' feature that could allow a local\n attacker to obtain plaintext user ID and password\n information from the 'LastSession.plist' file.\n (CVE-2013-7127)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6000\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securelist.com/en/blog/8168/Loophole_in_Safari\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 6.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.[78]([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.7 / 10.8\");\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"6.1\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:\"www/0/XSS\", value:TRUE);\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:03:46", "references": ["http://www.zerodayinitiative.com/advisories/ZDI-13-107/", "http://www.zerodayinitiative.com/advisories/ZDI-13-109/", "http://www.securityfocus.com/archive/1/526623/30/0/threaded", "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html", "http://support.apple.com/kb/HT5766", "http://www.zerodayinitiative.com/advisories/ZDI-13-108/"], "pluginID": "66499", "description": "The version of Apple iTunes on the remote host is prior to version 11.0.3. It is, therefore, affected by multiple vulnerabilities :\n\n - An error exists related to certificate validation. A man-in-the-middle attacker can exploit this to spoof HTTPS servers, which allows the disclosure of sensitive information or the application to trust data from untrusted sources. Note that this issue affects the application regardless of the operating system.\n (CVE-2013-1014)\n\n - The version of WebKit included in iTunes contains several errors that can lead to memory corruption and arbitrary code execution. The vendor states that one possible vector is a man-in-the-middle attack while the application browses the 'iTunes Store'. Please note that these vulnerabilities only affect the application when it is running on a Windows host.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748, CVE-2012-5112, CVE-2013-0879, CVE-2013-0912, CVE-2013-0948, CVE-2013-0949, CVE-2013-0950, CVE-2013-0951, CVE-2013-0952, CVE-2013-0953, CVE-2013-0954, CVE-2013-0955, CVE-2013-0956, CVE-2013-0958, CVE-2013-0959, CVE-2013-0960, CVE-2013-0961, CVE-2013-0991, CVE-2013-0992, CVE-2013-0993, CVE-2013-0994, CVE-2013-0995, CVE-2013-0996, CVE-2013-0997, CVE-2013-0998, CVE-2013-0999, CVE-2013-1000, CVE-2013-1001, CVE-2013-1002, CVE-2013-1003, CVE-2013-1004, CVE-2013-1005, CVE-2013-1006, CVE-2013-1007, CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)", "edition": 7, "reporter": "Tenable", "published": "2013-05-17T00:00:00", "title": "Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Peer-To-Peer File Sharing", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0951", "CVE-2012-2857", "CVE-2013-0992", "CVE-2013-0998", "CVE-2012-3748", "CVE-2013-0953", "CVE-2013-1004", "CVE-2012-2824", "CVE-2013-0959", "CVE-2013-0879", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0954", "CVE-2013-0994", "CVE-2013-0950", "CVE-2013-0961", "CVE-2013-1011", "CVE-2013-0952", "CVE-2013-0997", "CVE-2012-5112", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-0912", "CVE-2013-0956", "CVE-2013-1006", "CVE-2013-0948", "CVE-2013-1008", "CVE-2013-0958", "CVE-2013-0960", "CVE-2013-0999", "CVE-2013-0949", "CVE-2013-0955"], "modified": "2018-07-13T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_11_0_3_BANNER.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=66499", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66499);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/13 15:08:46\");\n\n script_cve_id(\n \"CVE-2012-2824\",\n \"CVE-2012-2857\",\n \"CVE-2012-3748\",\n \"CVE-2012-5112\",\n \"CVE-2013-0879\",\n \"CVE-2013-0912\",\n \"CVE-2013-0948\",\n \"CVE-2013-0949\",\n \"CVE-2013-0950\",\n \"CVE-2013-0951\",\n \"CVE-2013-0952\",\n \"CVE-2013-0953\",\n \"CVE-2013-0954\",\n \"CVE-2013-0955\",\n \"CVE-2013-0956\",\n \"CVE-2013-0958\",\n \"CVE-2013-0959\",\n \"CVE-2013-0960\",\n \"CVE-2013-0961\",\n \"CVE-2013-0991\",\n \"CVE-2013-0992\",\n \"CVE-2013-0993\",\n \"CVE-2013-0994\",\n \"CVE-2013-0995\",\n \"CVE-2013-0996\",\n \"CVE-2013-0997\",\n \"CVE-2013-0998\",\n \"CVE-2013-0999\",\n \"CVE-2013-1000\",\n \"CVE-2013-1001\",\n \"CVE-2013-1002\",\n \"CVE-2013-1003\",\n \"CVE-2013-1004\",\n \"CVE-2013-1005\",\n \"CVE-2013-1006\",\n \"CVE-2013-1007\",\n \"CVE-2013-1008\",\n \"CVE-2013-1010\",\n \"CVE-2013-1011\",\n \"CVE-2013-1014\"\n );\n script_bugtraq_id(\n 54203,\n 54749,\n 55867,\n 56362,\n 57576,\n 57580,\n 57581,\n 57582,\n 57584,\n 57585,\n 57586,\n 57587,\n 57588,\n 57589,\n 57590,\n 58388,\n 58495,\n 58496,\n 59941,\n 59944,\n 59953,\n 59954,\n 59955,\n 59956,\n 59957,\n 59958,\n 59959,\n 59960,\n 59963,\n 59964,\n 59965,\n 59967,\n 59970,\n 59971,\n 59972,\n 59973,\n 59974,\n 59976,\n 59977\n );\n script_xref(name:\"EDB-ID\", value:\"28081\");\n\n script_name(english:\"Apple iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a multimedia application that has multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes on the remote host is prior to version\n11.0.3. It is, therefore, affected by multiple vulnerabilities :\n\n - An error exists related to certificate validation. A\n man-in-the-middle attacker can exploit this to spoof\n HTTPS servers, which allows the disclosure of sensitive\n information or the application to trust data from\n untrusted sources. Note that this issue affects the\n application regardless of the operating system.\n (CVE-2013-1014)\n\n - The version of WebKit included in iTunes contains\n several errors that can lead to memory corruption and\n arbitrary code execution. The vendor states that one\n possible vector is a man-in-the-middle attack while the\n application browses the 'iTunes Store'. Please note that\n these vulnerabilities only affect the application when\n it is running on a Windows host.\n (CVE-2012-2824, CVE-2012-2857, CVE-2012-3748,\n CVE-2012-5112, CVE-2013-0879, CVE-2013-0912,\n CVE-2013-0948, CVE-2013-0949, CVE-2013-0950,\n CVE-2013-0951, CVE-2013-0952, CVE-2013-0953,\n CVE-2013-0954, CVE-2013-0955, CVE-2013-0956,\n CVE-2013-0958, CVE-2013-0959, CVE-2013-0960,\n CVE-2013-0961, CVE-2013-0991, CVE-2013-0992,\n CVE-2013-0993, CVE-2013-0994, CVE-2013-0995,\n CVE-2013-0996, CVE-2013-0997, CVE-2013-0998,\n CVE-2013-0999, CVE-2013-1000, CVE-2013-1001,\n CVE-2013-1002, CVE-2013-1003, CVE-2013-1004,\n CVE-2013-1005, CVE-2013-1006, CVE-2013-1007,\n CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-107/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-108/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-13-109/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5766\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2013/May/msg00000.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/526623/30/0/threaded\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple iTunes 11.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type == 'AppleTV') audit(AUDIT_LISTEN_NOT_VULN, \"iTunes on AppleTV\", port, version);\n\nfixed_version = \"11.0.3\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:43:58", "references": ["https://www.vmware.com/security/advisories/VMSA-2013-0001"], "pluginID": "89661", "description": "The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries :\n\n - Authentication Service\n - bind\n - libxml2\n - libxslt", "edition": 5, "reporter": "Tenable", "published": "2016-03-04T00:00:00", "title": "VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Misc.", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2018-08-06T00:00:00", "cpe": ["cpe:/o:vmware:esx", "cpe:/o:vmware:esxi"], "id": "VMWARE_ESX_VMSA-2013-0001_REMOTE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=89661", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89661);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/08/06 14:03:14\");\n\n script_cve_id(\n \"CVE-2011-1202\",\n \"CVE-2011-3102\",\n \"CVE-2011-3970\",\n \"CVE-2012-2807\",\n \"CVE-2012-2825\",\n \"CVE-2012-2870\",\n \"CVE-2012-2871\",\n \"CVE-2012-4244\",\n \"CVE-2013-1405\"\n );\n script_bugtraq_id(\n 47668, \n 51911, \n 53540, \n 54203, \n 54718, \n 55331, \n 55522, \n 57666\n );\n script_xref(name:\"VMSA\", value:\"2013-0001\");\n\n script_name(english:\"VMware ESX / ESXi Authentication Service and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0001) (remote check)\");\n script_summary(english:\"Checks the version and build numbers of the remote host.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX / ESXi host is missing a security-related patch.\nIt is, therefore, affected by multiple vulnerabilities, including\nremote code execution vulnerabilities, in several components and\nthird-party libraries :\n\n - Authentication Service\n - bind\n - libxml2\n - libxslt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2013-0001\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX version 3.5 / 4.0 / 4.1 or ESXi version 3.5 / 4.0 /\n4.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\nesx = '';\nbuild = 0;\nfix = FALSE;\n\nif (\"ESX\" >!< rel)\n audit(AUDIT_OS_NOT, \"VMware ESX/ESXi\");\n\nextract = eregmatch(pattern:\"^(ESXi?) (\\d\\.\\d).*$\", string:ver);\nif (empty_or_null(extract))\n audit(AUDIT_UNKNOWN_APP_VER, \"VMware ESX/ESXi\");\n\nesx = extract[1];\nver = extract[2];\n\nextract = eregmatch(pattern:'^VMware ESXi?.* build-([0-9]+)$', string:rel);\nif (isnull(extract))\n audit(AUDIT_UNKNOWN_BUILD, \"VMware \" + esx, ver);\n\nbuild = int(extract[1]);\n\nfixes = make_array(\n \"4.0\", 989856,\n \"4.1\", 988178,\n \"3.5\", 988599\n);\n\nfix = fixes[ver];\n\nif (!fix)\n audit(AUDIT_INST_VER_NOT_VULN, esx, ver, build);\n\nif (build < fix)\n{\n report = '\\n Version : ' + esx + \" \" + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n exit(0);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + esx, ver, build);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:47:21", "references": ["http://lists.vmware.com/pipermail/security-announce/2013/000215.html"], "pluginID": "64642", "description": "a. VMware vSphere client-side authentication memory corruption vulnerability\n\n VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system.\n To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network.\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue.\n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\n The ESX/ESXi userworld libxml2 library has been updated to resolve multiple security issues. Also, the ESX service console libxml2 packages are updated to the following versions :\n\n libxml2-2.6.26-2.1.15.el5_8.5 libxml2-python-2.6.26-2.1.15.el5_8.5\n\n These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-3102 and CVE-2012-2807 to these issues.\n\nc. Update to ESX service console bind packages\n\n The ESX service console bind packages are updated to the following versions :\n\n bind-libs-9.3.6-20.P1.el5_8.2 bind-utils-9.3.6-20.P1.el5_8.2\n\n These updates fix a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-4244 to this issue.\n\nd. Update to ESX service console libxslt package\n\n The ESX service console libxslt package is updated to version libxslt-1.1.17-4.el5_8.3 to resolve multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, and CVE-2012-2871 to these issues.", "edition": 5, "reporter": "Tenable", "published": "2013-02-16T00:00:00", "title": "VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "VMware ESX Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2018-08-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:3.5", "cpe:/o:vmware:esx:4.1", "cpe:/o:vmware:esxi:3.5", "cpe:/o:vmware:esxi:5.0", "cpe:/o:vmware:esxi:5.1", "cpe:/o:vmware:esx:4.0", "cpe:/o:vmware:esxi:4.0", "cpe:/o:vmware:esxi:4.1"], "id": "VMWARE_VMSA-2013-0001.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64642", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2013-0001. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64642);\n script_version(\"1.31\");\n script_cvs_date(\"Date: 2018/08/06 14:03:16\");\n\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3102\", \"CVE-2011-3970\", \"CVE-2012-2807\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-4244\", \"CVE-2013-1405\");\n script_bugtraq_id(47668, 51911, 53540, 54203, 54718, 55331, 55522, 57666);\n script_xref(name:\"VMSA\", value:\"2013-0001\");\n script_xref(name:\"IAVA\", value:\"2013-A-0031\");\n\n script_name(english:\"VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote VMware ESXi / ESX host is missing one or more\nsecurity-related patches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. VMware vSphere client-side authentication memory corruption\n vulnerability\n\n VMware vCenter Server, vSphere Client, and ESX contain a\n vulnerability in the handling of the management authentication\n protocol. To exploit this vulnerability, an attacker must\n convince either vCenter Server, vSphere Client or ESX to\n interact with a malicious server as a client. Exploitation of\n the issue may lead to code execution on the client system.\n \n To reduce the likelihood of exploitation, vSphere components\n should be deployed on an isolated management network.\n \n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2013-1405 to this issue.\n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\n The ESX/ESXi userworld libxml2 library has been updated to\n resolve multiple security issues. Also, the ESX service console\n libxml2 packages are updated to the following versions :\n\n libxml2-2.6.26-2.1.15.el5_8.5\n libxml2-python-2.6.26-2.1.15.el5_8.5\n\n These updates fix multiple security issues. The Common\n Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2011-3102 and CVE-2012-2807 to these\n issues.\n\nc. Update to ESX service console bind packages\n\n The ESX service console bind packages are updated to the\n following versions :\n\n bind-libs-9.3.6-20.P1.el5_8.2\n bind-utils-9.3.6-20.P1.el5_8.2\n\n These updates fix a security issue. The Common Vulnerabilities\n and Exposures project (cve.mitre.org) has assigned the name\n CVE-2012-4244 to this issue.\n\nd. Update to ESX service console libxslt package\n\n The ESX service console libxslt package is updated to version\n libxslt-1.1.17-4.el5_8.3 to resolve multiple security issues.\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2011-1202, CVE-2011-3970,\n CVE-2012-2825, CVE-2012-2870, and CVE-2012-2871 to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2013/000215.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:4.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/16\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2013-01-31\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESX 3.5.0\", patch:\"ESX350-201302401-SG\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.0\",\n patch : \"ESX400-201302401-SG\",\n patch_updates : make_list(\"ESX400-201305401-SG\", \"ESX400-201310401-SG\", \"ESX400-201404401-SG\")\n )\n) flag++;\nif (esx_check(ver:\"ESX 4.0\", patch:\"ESX400-201305402-SG\")) flag++;\n\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201301401-SG\",\n patch_updates : make_list(\"ESX410-201304401-SG\", \"ESX410-201307401-SG\", \"ESX410-201312401-SG\", \"ESX410-201404401-SG\")\n )\n) flag++;\nif (esx_check(ver:\"ESX 4.1\", patch:\"ESX410-201301402-SG\")) flag++;\nif (esx_check(ver:\"ESX 4.1\", patch:\"ESX410-201301403-SG\")) flag++;\nif (\n esx_check(\n ver : \"ESX 4.1\",\n patch : \"ESX410-201301405-SG\",\n patch_updates : make_list(\"ESX410-201304402-SG\", \"ESX410-201307405-SG\")\n )\n) flag++;\n\nif (esx_check(ver:\"ESXi 3.5.0\", patch:\"ESXe350-201302401-I-SG\")) flag++;\nif (esx_check(ver:\"ESXi 3.5.0\", patch:\"ESXe350-201302403-C-SG\")) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.0\",\n patch : \"ESXi400-201302401-SG\",\n patch_updates : make_list(\"ESXi400-201305401-SG\", \"ESXi400-201310401-SG\", \"ESXi400-201404401-SG\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESXi 4.0\",\n patch : \"ESXi400-201302403-SG\",\n patch_updates : make_list(\"ESXi400-201404402-SG\")\n )\n) flag++;\n\nif (\n esx_check(\n ver : \"ESXi 4.1\",\n patch : \"ESXi410-201301401-SG\",\n patch_updates : make_list(\"ESXi410-201304401-SG\", \"ESXi410-201307401-SG\", \"ESXi410-201312401-SG\", \"ESXi410-201404401-SG\")\n )\n) flag++;\n\nif (esx_check(ver:\"ESXi 5.0\", vib:\"VMware:esx-base:5.0.0-2.29.1022489\")) flag++;\n\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:esx-base:5.1.0-0.11.1063671\")) flag++;\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:esx-xserver:5.1.0-0.11.1063671\")) flag++;\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:net-bnx2x:1.61.15.v50.3-1vmw.510.0.11.1063671\")) flag++;\nif (esx_check(ver:\"ESXi 5.1\", vib:\"VMware:tools-light:5.1.0-0.11.1063671\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:54", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30256"], "description": "Multiple vulnerabilities on different formats parsing.", "edition": 1, "reporter": "APPLE", "published": "2014-01-29T00:00:00", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:54", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "iTunes", "version": "11.1", "operator": "eq"}], "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2014-1242", "CVE-2013-1024"], "modified": "2014-01-29T00:00:00", "id": "SECURITYVULNS:VULN:13535", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13535", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:50", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-01-22-1 iTunes 11.1.4\r\n\r\niTunes 11.1.4 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Mac OS X v10.6.8 or later, Windows 8, Windows 7,\r\nVista, XP SP2 or later\r\nImpact: An attacker with a privileged network position may control\r\nthe contents of the iTunes Tutorials window\r\nDescription: The contents of the iTunes Tutorials window are\r\nretrieved from the network using an unprotected HTTP connection. An\r\nattacker with a privileged network position may inject arbitrary\r\ncontents. This issue was addressed by using an encrypted HTTPS\r\nconnection to retrieve tutorials.\r\nCVE-ID\r\nCVE-2014-1242 : Apple\r\n\r\niTunes\r\nAvailable for: Windows 8, Windows 7, Vista, XP SP2 or later\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access issue existed in the\r\nhandling of text tracks. This issue was addressed by additional\r\nvalidation of text tracks.\r\nCVE-ID\r\nCVE-2013-1024 : Richard Kuo and Billy Suguitan of Triemt Corporation\r\n\r\niTunes\r\nAvailable for: Windows 8, Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code executionn\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-1037 : Google Chrome Security Team\r\nCVE-2013-1038 : Google Chrome Security Team\r\nCVE-2013-1039 : own-hero Research working with iDefense VCP\r\nCVE-2013-1040 : Google Chrome Security Team\r\nCVE-2013-1041 : Google Chrome Security Team\r\nCVE-2013-1042 : Google Chrome Security Team\r\nCVE-2013-1043 : Google Chrome Security Team\r\nCVE-2013-1044 : Apple\r\nCVE-2013-1045 : Google Chrome Security Team\r\nCVE-2013-1046 : Google Chrome Security Team\r\nCVE-2013-1047 : miaubiz\r\nCVE-2013-2842 : Cyril Cattiaux\r\nCVE-2013-5125 : Google Chrome Security Team\r\nCVE-2013-5126 : Apple\r\nCVE-2013-5127 : Google Chrome Security Team\r\nCVE-2013-5128 : Apple\r\n\r\nlibxml\r\nAvailable for: Windows 8, Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code executionn\r\nDescription: Multiple memory corruption issues existed in libxml.\r\nThese issues were addressed by updating libxml to version 2.9.0.\r\nCVE-ID\r\nCVE-2011-3102 : Juri Aedla\r\nCVE-2012-0841\r\nCVE-2012-2807 : Juri Aedla\r\nCVE-2012-5134 : Google Chrome Security Team (Juri Aedla)\r\n\r\nlibxslt\r\nAvailable for: Windows 8, Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code executionn\r\nDescription: Multiple memory corruption issues existed in libxslt.\r\nThese issues were addressed by updating libxslt to version 1.1.28.\r\nCVE-ID\r\nCVE-2012-2825 : Nicolas Gregoire\r\nCVE-2012-2870 : Nicolas Gregoire\r\nCVE-2012-2871 : Kai Lu of Fortinet's FortiGuard Labs, Nicolas\r\nGregoire\r\n\r\n\r\niTunes 11.1.4 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nFor OS X:\r\nThe download file is named: iTunes11.1.4.dmg\r\nIts SHA-1 digest is: ffde4658def154edfa479696e40588e9252e7276\r\n\r\nFor Windows XP / Vista / Windows 7 / Windows 8:\r\nThe download file is named: "iTunesSetup.exe"\r\nIts SHA-1 digest is: 3701f3e7f7c44bad05631533f2ab52e08ae0ba1f\r\n\r\nFor 64-bit Windows XP / Vista / Windows 7 / Windows 8:\r\nThe download file is named: "iTunes64Setup.exe"\r\nIts SHA-1 digest is: fd9caee83907b9f6aa01d031f63fa9ed9be2bfab\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJS4DtWAAoJEPefwLHPlZEwEyIQAJ4B3eB18xKixTw39CTkiIf2\r\ndQlDo2gk8ghBHTS4ZQU74OuGyEall3AgXqz/ENrrapgTT9Ej+OVtcofZIOM7IuFC\r\nsvag6TSYEkvNLbQMfhVOYvEbwc1Is56tu9huWgYpGpPrZYF0LfNyUYUd3DuWQ2de\r\n1P2vfeowCxd9Orp2aw5w48gJkCFHcxtKpY7QSenn9ZEVKo7KM9ejwQqLWwdwwK45\r\nkoP3ovYJa61eLjth61+f85H2xkb6zB6zM5qGPwxNRknPdttabl+NNxiR93jvAoMr\r\n8OUSMErSjxUN9HSBd+ZXtCCmK+NmYnYJk1HtIq11p4OZk8XvNVzzh3JtePAXoRjj\r\n6xQsoC0EjxzV7aYPaje2aiY3XfuT4gLX1NI+ZnTNfy6Y3BMZ8FId1XnBESyevMXw\r\nAowaQk6FNiz3qHNTSaJCmjMtVScu2m9OKANGexadETw2/NFMRsfHdDEf7bN8Lj85\r\nMbPhgFW6qMKjJ15g0NW1gvvZjbJCcL6Y2LdjabWFeIJLV7gXE3lviIwMwFfQqBqN\r\nB+w6o6PQPrGxSzSGzjIf/76qLYJjL7zenGERCHJiOH54LMITZn8db3lECY1CMUXw\r\nlsKk4W7IeI2u43hxaYaYfSpdjF14U2CrRJSFHcyFe2oPxU26hxCax3AyHLxncPoX\r\neWabnIgZ1wYWZB0y8x5K\r\n=pK6I\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-01-29T00:00:00", "title": "APPLE-SA-2014-01-22-1 iTunes 11.1.4", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:50", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-1045", "CVE-2013-1038", "CVE-2013-2842", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1043", "CVE-2013-1044", "CVE-2013-5126", "CVE-2013-5125", "CVE-2012-2825", "CVE-2012-5134", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1037", "CVE-2012-2870", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1047", "CVE-2012-2807", "CVE-2014-1242", "CVE-2013-1024"], "modified": "2014-01-29T00:00:00", "id": "SECURITYVULNS:DOC:30256", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30256", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:48", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-06-04-2 Safari 6.0.5\r\n\r\nSafari 6.0.5 is now available and addresses the following:\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.3\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-0879 : Atte Kettunen of OUSPG\r\nCVE-2013-0991 : Jay Civelli of the Chromium development community\r\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0994 : David German of Google\r\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0997 : Vitaliy Toropov working with HP's Zero Day Initiative\r\nCVE-2013-0998 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-0999 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\r\nCVE-2013-1001 : Ryan Humenick\r\nCVE-2013-1002 : Sergey Glazunov\r\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1008 : Sergey Glazunov\r\nCVE-2013-1009 : Apple\r\nCVE-2013-1010 : miaubiz\r\nCVE-2013-1011 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1023 : Google Chrome Security Team (Inferno)\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.3\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite scripting attack\r\nDescription: A cross-site scripting issue existed in the handling of\r\niframes. This issue was addressed through improved origin tracking.\r\nCVE-ID\r\nCVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.3\r\nImpact: Copying and pasting a malicious HTML snippet may lead to a\r\ncross-site scripting attack\r\nDescription: A cross-site scripting issue existed in the handling of\r\ncopied and pasted data in HTML documents. This issue was addressed\r\nthrough additional validation of pasted content.\r\nCVE-ID\r\nCVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c\r\n(xysec.com)\r\n\r\nWebKit\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.3\r\nImpact: Following a maliciously crafted link could lead to\r\nunexpected behavior on the target site\r\nDescription: XSS Auditor may rewrite URLs to prevent cross-site\r\nscripting attacks. This may lead to a malicious alteration of the\r\nbehavior of a form submission. This issue was addressed through\r\nimproved validation of URLs.\r\nCVE-ID\r\nCVE-2013-1013 : Sam Power of Pentest Limited\r\n\r\n\r\nFor OS X Lion systems Safari 6.0.5 is available via\r\nthe Apple Software Update application.\r\n\r\nFor OS X Mountain Lion systems Safari 6.0.5 is included with\r\nOS X v10.8.4.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRrjeeAAoJEPefwLHPlZEwCm4P/3WseW2DFgYieiAHghpGQ07e\r\n/XuNWzqld4CpXyFUQDkw55DU1Y9dVIIl663rSR0VyXJDB5dMh6iHEBRHX4tarGym\r\nbeZS0cDuakospFtX4MZgcKXu/8cV7b8lq9tzqH0pL419a61Fjhm1eRfDeM3snXkO\r\nkNCRi3nqOCmMroUiY+cJlKHi1x/t+2whISSM3QsIgpU5yyjEU3neMy2TPjuxC48h\r\nXZr9XaDX5cztv0MWCX+jkv+OpYPxVtPxBVw6rPLaX2eg7iwBM6yDbLF5i/4oY06t\r\nHzF2uCk8TlbFdk05Cr7HxmYV2qBei8VkcO1Mc4Ij3v3Q9iiKBRkr+d0CYQ1HSkrY\r\nigfCmfDiEpaKZfzCgwRsVFZ/UhuXTDipTFIzKrZSlbsglVyIQJtKVyyWEZDOKcYL\r\nkKCAS+ep0UyFIyeCCjFknd2hMneMR7a4u2XGJm1VtfRCA+ed3Cr0ROS+O9viGjYi\r\nQcm+2yzlWg9vpfojv+uX+aqh6IsprhfqXuF4ypM6D98IQ3fJqx9a0tVIPniFaLuP\r\nO39M+UGtPLAw7BMiKkb4XyEajKFwJt1pfddWkC1YjKjtyRGf62BDOtY2KqEsyzpF\r\n5nOzM3Vc+3urbur+69oqJLwRwC/PHkh1ym3LjrmqUW7+okckIGCQGt3iUwIWNKhp\r\n2YgKISKdQYxVSfkzkqYY\r\n=jk2e\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2013-06-17T00:00:00", "title": "APPLE-SA-2013-06-04-2 Safari 6.0.5", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:48", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-1013", "CVE-2013-0879", "CVE-2013-1012", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-1023", "CVE-2013-0991", "CVE-2013-0926", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999", "CVE-2013-1009"], "modified": "2013-06-17T00:00:00", "id": "SECURITYVULNS:DOC:29465", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29465", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:49", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-09-20-1 Apple TV 6.0\r\n\r\nApple TV 6.0 is now available and addresses the following:\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JBIG2\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1025 : Felix Groebert of the Google Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Playing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of Sorenson\r\nencoded movie files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)\r\nworking with HP's Zero Day Initiative\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker with a privileged network position may intercept\r\nuser credentials or other sensitive information\r\nDescription: TrustWave, a trusted root CA, has issued, and\r\nsubsequently revoked, a sub-CA certificate from one of its trusted\r\nanchors. This sub-CA facilitated the interception of communications\r\nsecured by Transport Layer Security (TLS). This update added the\r\ninvolved sub-CA certificate to OS X's list of untrusted certificates.\r\nCVE-ID\r\nCVE-2013-5134\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker who has arbitrary code execution on a device may\r\nbe able to persist code execution across reboots\r\nDescription: Multiple buffer overflows existed in dyld's\r\nopenSharedCacheFile() function. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2013-3950 : Stefan Esser\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1026 : Felix Groebert of the Google Security Team\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A malicious local application could cause an unexpected\r\nsystem termination\r\nDescription: A null pointer dereference existed in IOCatalogue.\r\nThe issue was addressed through additional type checking.\r\nCVE-ID\r\nCVE-2013-5138 : Will Estes\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Executing a malicious application may result in arbitrary\r\ncode execution within the kernel\r\nDescription: An out of bounds array access existed in the\r\nIOSerialFamily driver. This issue was addressed through additional\r\nbounds checking.\r\nCVE-ID\r\nCVE-2013-5139 : @dent1zt\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: A remote attacker can cause a device to unexpectedly restart\r\nDescription: Sending an invalid packet fragment to a device can\r\ncause a kernel assert to trigger, leading to a device restart. The\r\nissue was addressed through additional validation of packet\r\nfragments.\r\nCVE-ID\r\nCVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous\r\nresearcher working with CERT-FI, Antti LevomAki and Lauri Virtanen\r\nof Vulnerability Analysis Group, Stonesoft\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An attacker on a local network can cause a denial of service\r\nDescription: An attacker on a local network can send specially\r\ncrafted IPv6 ICMP packets and cause high CPU load. The issue was\r\naddressed by rate limiting ICMP packets before verifying their\r\nchecksum.\r\nCVE-ID\r\nCVE-2011-2391 : Marc Heuse\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Kernel stack memory may be disclosed to local users\r\nDescription: An information disclosure issue existed in the msgctl\r\nand segctl APIs. This issue was addressed by initializing data\r\nstructures returned from the kernel.\r\nCVE-ID\r\nCVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Unprivileged processes could get access to the contents of\r\nkernel memory which could lead to privilege escalation\r\nDescription: An information disclosure issue existed in the\r\nmach_port_space_info API. This issue was addressed by initializing\r\nthe iin_collision field in structures returned from the kernel.\r\nCVE-ID\r\nCVE-2013-3953 : Stefan Esser\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Unprivileged processes may be able to cause an unexpected\r\nsystem termination or arbitrary code execution in the kernel\r\nDescription: A memory corruption issue existed in the handling of\r\narguments to the posix_spawn API. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-3954 : Stefan Esser\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: An unauthorized process may modify the set of loaded kernel\r\nextensions\r\nDescription: An issue existed in kextd's handling of IPC messages\r\nfrom unauthenticated senders. This issue was addressed by adding\r\nadditional authorization checks.\r\nCVE-ID\r\nCVE-2013-5145 : "Rainbow PRISM"\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted web page may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libxml.\r\nThese issues were addressed by updating libxml to version 2.9.0.\r\nCVE-ID\r\nCVE-2011-3102 : Juri Aedla\r\nCVE-2012-0841\r\nCVE-2012-2807 : Juri Aedla\r\nCVE-2012-5134 : Google Chrome Security Team (Juri Aedla)\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Viewing a maliciously crafted web page may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libxslt.\r\nThese issues were addressed by updating libxslt to version 1.1.28.\r\nCVE-ID\r\nCVE-2012-2825 : Nicolas Gregoire\r\nCVE-2012-2870 : Nicolas Gregoire\r\nCVE-2012-2871 : Kai Lu of Fortinet's FortiGuard Labs, Nicolas\r\nGregoire\r\n\r\nApple TV\r\nAvailable for: Apple TV 2nd generation and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-0879 : Atte Kettunen of OUSPG\r\nCVE-2013-0991 : Jay Civelli of the Chromium development community\r\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0994 : David German of Google\r\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0997 : Vitaliy Toropov working with HP's Zero Day Initiative\r\nCVE-2013-0998 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-0999 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\r\nCVE-2013-1001 : Ryan Humenick\r\nCVE-2013-1002 : Sergey Glazunov\r\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1008 : Sergey Glazunov\r\nCVE-2013-1010 : miaubiz\r\nCVE-2013-1011\r\nCVE-2013-1037 : Google Chrome Security Team\r\nCVE-2013-1038 : Google Chrome Security Team\r\nCVE-2013-1039 : own-hero Research working with iDefense VCP\r\nCVE-2013-1040 : Google Chrome Security Team\r\nCVE-2013-1041 : Google Chrome Security Team\r\nCVE-2013-1042 : Google Chrome Security Team\r\nCVE-2013-1043 : Google Chrome Security Team\r\nCVE-2013-1044 : Apple\r\nCVE-2013-1045 : Google Chrome Security Team\r\nCVE-2013-1046 : Google Chrome Security Team\r\nCVE-2013-1047 : miaubiz\r\nCVE-2013-2842 : Cyril Cattiaux\r\nCVE-2013-5125 : Google Chrome Security Team\r\nCVE-2013-5126 : Apple\r\nCVE-2013-5127 : Google Chrome Security Team\r\nCVE-2013-5128 : Apple\r\n\r\n\r\nInstallation note:\r\n\r\nApple TV will periodically check for software updates. Alternatively,\r\nyou may manually check for software updates by selecting\r\n"Settings -> General -> Update Software".\r\n\r\nTo check the current version of software, select\r\n"Settings -> General -> About".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJSPKFKAAoJEPefwLHPlZEwbNcP/352LQ8RLNL4kdQN7HkNV4lE\r\nF4r9LGM+SUyUHaXO/mUDGZxodhsLYdEVPZ9gYAkecbxqYBRw8vHiXtRHIwMdl92I\r\nOWIAtr5Zbd55Dv9hH7SvC9ji4bA+I+8AScVZkkXIresh8fRlkID/KxM9Z8ImgVpz\r\nb3pmFAfI35VaEdsefjX32f9p9SAEq58qi+59LVVjwnMu1/29zbvQlVatYz5+ISaz\r\nLiBIV8zCpeDiaa3M+VmHQFR8CRjlDHinEs55wlFsKITQ29iABAO4hHQJg5+djPwo\r\ntWZo6nVEuMhbwTL9xHKFriwmsio17Ky/qdJu1+c6nBfz/Wu2SqqtgwQTJXgOEU6N\r\nG7N3bvLpaTE7rtPRmeFrXg79wfKVGgwu1OwYvTDnMQ7VcI9Oal2akSBDzEMHXHVN\r\nwvUDbXAU2Ya+Ii46kgm5Xbbhr4yw2ckbuY7/b4w7S1iPFLGgk29vQK0wazF8yj/E\r\nyoPLWgTUgQLwWldvxHX/XcOTSXAlf2tOvWz257DMqoqT8brQ6a5CjAvTDHRRRFau\r\npOkzb3hV/C4Rx/8L+O/NVYLH4RmWhyjqfzKLvIYGTM1w8AoBKqvNcUitlwDMQTyw\r\nd9dhdaD6WbqOh9SC4qj3Nr6LijRr4Elgp+HUBlBmvnanS26zUsynXRYy1bvnJ3Po\r\nXp07MGtHmSPNt4ShV2XP\r\n=G8s7\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2013-10-02T00:00:00", "title": "APPLE-SA-2013-09-20-1 Apple TV 6.0", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:49", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-1045", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1038", "CVE-2013-2842", "CVE-2013-1001", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-1000", "CVE-2013-5140", "CVE-2013-1003", "CVE-2013-3954", "CVE-2013-0992", "CVE-2013-1043", "CVE-2013-5134", "CVE-2013-1044", "CVE-2013-0998", "CVE-2013-5126", "CVE-2013-5125", "CVE-2013-1026", "CVE-2013-1004", "CVE-2013-5142", "CVE-2012-2825", "CVE-2013-1019", "CVE-2013-3953", "CVE-2013-1025", "CVE-2013-0879", "CVE-2012-5134", "CVE-2013-0993", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-5145", "CVE-2013-5139", "CVE-2013-0994", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-1011", "CVE-2013-5138", "CVE-2013-1037", "CVE-2013-0997", "CVE-2012-2870", "CVE-2013-1010", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-0996", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1006", "CVE-2013-1008", "CVE-2011-2391", "CVE-2013-1047", "CVE-2013-0999", "CVE-2012-2807", "CVE-2013-3950"], "modified": "2013-10-02T00:00:00", "id": "SECURITYVULNS:DOC:29865", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29865", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:51", "references": ["https://vulners.com/securityvulns/securityvulns:doc:29465"], "description": "Multiple memory corruptions and crossite scripting.", "edition": 1, "reporter": "BUGTRAQ", "published": "2013-06-17T00:00:00", "title": "WebKit / Apple Safari multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:51", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Safari", "version": "6.0", "operator": "eq"}], "cvelist": ["CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0992", "CVE-2013-0998", "CVE-2013-1004", "CVE-2013-1013", "CVE-2013-0879", "CVE-2013-1012", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-1023", "CVE-2013-0991", "CVE-2013-0926", "CVE-2013-0994", "CVE-2013-1011", "CVE-2013-0997", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-1006", "CVE-2013-1008", "CVE-2013-0999", "CVE-2013-1009"], "modified": "2013-06-17T00:00:00", "id": "SECURITYVULNS:VULN:13127", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13127", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:49", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-09-18-2 iOS 7\r\n\r\niOS 7 is now available and addresses the following:\r\n\r\nCertificate Trust Policy\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Root certificates have been updated\r\nDescription: Several certificates were added to or removed from the\r\nlist of system roots.\r\n\r\nCoreGraphics\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JBIG2\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1025 : Felix Groebert of the Google Security Team\r\n\r\nCoreMedia\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Playing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of Sorenson\r\nencoded movie files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)\r\nworking with HP's Zero Day Initiative\r\n\r\nData Protection\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Apps could bypass passcode-attempt restrictions\r\nDescription: A privilege separation issue existed in Data\r\nProtection. An app within the third-party sandbox could repeatedly\r\nattempt to determine the user's passcode regardless of the user's\r\n"Erase Data" setting. This issue was addressed by requiring\r\nadditional entitlement checks.\r\nCVE-ID\r\nCVE-2013-0957 : Jin Han of the Institute for Infocomm Research\r\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\r\nUniversity\r\n\r\nData Security\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker with a privileged network position may intercept\r\nuser credentials or other sensitive information\r\nDescription: TrustWave, a trusted root CA, has issued, and\r\nsubsequently revoked, a sub-CA certificate from one of its trusted\r\nanchors. This sub-CA facilitated the interception of communications\r\nsecured by Transport Layer Security (TLS). This update added the\r\ninvolved sub-CA certificate to OS X's list of untrusted certificates.\r\nCVE-ID\r\nCVE-2013-5134\r\n\r\ndyld\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker who has arbitrary code execution on a device may\r\nbe able to persist code execution across reboots\r\nDescription: Multiple buffer overflows existed in dyld's\r\nopenSharedCacheFile() function. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2013-3950 : Stefan Esser\r\n\r\nFile Systems\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker who can mount a non-HFS filesystem may be able\r\nto cause an unexpected system termination or arbitrary code execution\r\nwith kernel privileges\r\nDescription: A memory corruption issue existed in the handling of\r\nAppleDouble files. This issue was addressed by removing support for\r\nAppleDouble files.\r\nCVE-ID\r\nCVE-2013-3955 : Stefan Esser\r\n\r\nImageIO\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nencoded data in PDF files. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-1026 : Felix Groebert of the Google Security Team\r\n\r\nIOKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Background applications could inject user interface events\r\ninto the foreground app\r\nDescription: It was possible for background applications to inject\r\nuser interface events into the foreground application using the task\r\ncompletion or VoIP APIs. This issue was addressed by enforcing access\r\ncontrols on foreground and background processes that handle interface\r\nevents.\r\nCVE-ID\r\nCVE-2013-5137 : Mackenzie Straight at Mobile Labs\r\n\r\nIOKitUser\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious local application could cause an unexpected\r\nsystem termination\r\nDescription: A null pointer dereference existed in IOCatalogue.\r\nThe issue was addressed through additional type checking.\r\nCVE-ID\r\nCVE-2013-5138 : Will Estes\r\n\r\nIOSerialFamily\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Executing a malicious application may result in arbitrary\r\ncode execution within the kernel\r\nDescription: An out of bounds array access existed in the\r\nIOSerialFamily driver. This issue was addressed through additional\r\nbounds checking.\r\nCVE-ID\r\nCVE-2013-5139 : @dent1zt\r\n\r\nIPSec\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may intercept data protected with IPSec Hybrid\r\nAuth\r\nDescription: The DNS name of an IPSec Hybrid Auth server was not\r\nbeing matched against the certificate, allowing an attacker with a\r\ncertificate for any server to impersonate any other. This issue was\r\naddressed by improved certificate checking.\r\nCVE-ID\r\nCVE-2013-1028 : Alexander Traud of www.traud.de\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A remote attacker can cause a device to unexpectedly restart\r\nDescription: Sending an invalid packet fragment to a device can\r\ncause a kernel assert to trigger, leading to a device restart. The\r\nissue was addressed through additional validation of packet\r\nfragments.\r\nCVE-ID\r\nCVE-2013-5140 : Joonas Kuorilehto of Codenomicon, an anonymous\r\nresearcher working with CERT-FI, Antti LevomAki and Lauri Virtanen\r\nof Vulnerability Analysis Group, Stonesoft\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A malicious local application could cause device hang\r\nDescription: An integer truncation vulnerability in the kernel\r\nsocket interface could be leveraged to force the CPU into an infinite\r\nloop. The issue was addressed by using a larger sized variable.\r\nCVE-ID\r\nCVE-2013-5141 : CESG\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker on a local network can cause a denial of service\r\nDescription: An attacker on a local network can send specially\r\ncrafted IPv6 ICMP packets and cause high CPU load. The issue was\r\naddressed by rate limiting ICMP packets before verifying their\r\nchecksum.\r\nCVE-ID\r\nCVE-2011-2391 : Marc Heuse\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Kernel stack memory may be disclosed to local users\r\nDescription: An information disclosure issue existed in the msgctl\r\nand segctl APIs. This issue was addressed by initializing data\r\nstructures returned from the kernel.\r\nCVE-ID\r\nCVE-2013-5142 : Kenzley Alphonse of Kenx Technology, Inc\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Unprivileged processes could get access to the contents of\r\nkernel memory which could lead to privilege escalation\r\nDescription: An information disclosure issue existed in the\r\nmach_port_space_info API. This issue was addressed by initializing\r\nthe iin_collision field in structures returned from the kernel.\r\nCVE-ID\r\nCVE-2013-3953 : Stefan Esser\r\n\r\nKernel\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Unprivileged processes may be able to cause an unexpected\r\nsystem termination or arbitrary code execution in the kernel\r\nDescription: A memory corruption issue existed in the handling of\r\narguments to the posix_spawn API. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2013-3954 : Stefan Esser\r\n\r\nKext Management\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An unauthorized process may modify the set of loaded kernel\r\nextensions\r\nDescription: An issue existed in kextd's handling of IPC messages\r\nfrom unauthenticated senders. This issue was addressed by adding\r\nadditional authorization checks.\r\nCVE-ID\r\nCVE-2013-5145 : "Rainbow PRISM"\r\n\r\nlibxml\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted web page may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libxml.\r\nThese issues were addressed by updating libxml to version 2.9.0.\r\nCVE-ID\r\nCVE-2011-3102 : Juri Aedla\r\nCVE-2012-0841\r\nCVE-2012-2807 : Juri Aedla\r\nCVE-2012-5134 : Google Chrome Security Team (Juri Aedla)\r\n\r\nlibxslt\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing a maliciously crafted web page may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in libxslt.\r\nThese issues were addressed by updating libxslt to version 1.1.28.\r\nCVE-ID\r\nCVE-2012-2825 : Nicolas Gregoire\r\nCVE-2012-2870 : Nicolas Gregoire\r\nCVE-2012-2871 : Kai Lu of Fortinet's FortiGuard Labs, Nicolas\r\nGregoire\r\n\r\nPasscode Lock\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to the device may be able to\r\nbypass the screen lock\r\nDescription: A race condition issue existed in the handling of phone\r\ncalls and SIM card ejection at the lock screen. This issue was\r\naddressed through improved lock state management.\r\nCVE-ID\r\nCVE-2013-5147 : videosdebarraquito\r\n\r\nPersonal Hotspot\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: An attacker may be able to join a Personal Hotspot network\r\nDescription: An issue existed in the generation of Personal Hotspot\r\npasswords, resulting in passwords that could be predicted by an\r\nattacker to join a user's Personal Hotspot. The issue was addressed\r\nby generating passwords with higher entropy.\r\nCVE-ID\r\nCVE-2013-4616 : Andreas Kurtz of NESO Security Labs and Daniel Metz\r\nof University Erlangen-Nuremberg\r\n\r\nPush Notifications\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: The push notification token may be disclosed to an app\r\ncontrary to the user's decision\r\nDescription: An information disclosure issue existed in push\r\nnotification registration. Apps requesting access to the push\r\nnotification access received the token before the user approved the\r\napp's use of push notifications. This issue was addressed by\r\nwithholding access to the token until the user has approved access.\r\nCVE-ID\r\nCVE-2013-5149 : Jack Flintermann of Grouper, Inc.\r\n\r\nSafari\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nXML files. This issue was addressed through additional bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2013-1036 : Kai Lu of Fortinet's FortiGuard Labs\r\n\r\nSafari\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: History of pages recently visited in an open tab may remain\r\nafter clearing of history\r\nDescription: Clearing Safari's history did not clear the\r\nback/forward history for open tabs. This issue was addressed by\r\nclearing the back/forward history.\r\nCVE-ID\r\nCVE-2013-5150\r\n\r\nSafari\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Viewing files on a website may lead to script execution even\r\nwhen the server sends a 'Content-Type: text/plain' header\r\nDescription: Mobile Safari sometimes treated files as HTML files\r\neven when the server sent a 'Content-Type: text/plain' header. This\r\nmay lead to cross-site scripting on sites that allow users to upload\r\nfiles. This issue was addressed through improved handling of files\r\nwhen 'Content-Type: text/plain' is set.\r\nCVE-ID\r\nCVE-2013-5151 : Ben Toews of Github\r\n\r\nSafari\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may allow an arbitrary URL to\r\nbe displayed\r\nDescription: A URL bar spoofing issue existed in Mobile Safari. This\r\nissue was addressed through improved URL tracking.\r\nCVE-ID\r\nCVE-2013-5152 : Keita Haga of keitahaga.com, Lukasz Pilorz of RBS\r\n\r\nSandbox\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Applications that are scripts were not sandboxed\r\nDescription: Third-party applications which used the #! syntax to\r\nrun a script were sandboxed based on the identity of the script\r\ninterpreter, not the script. The interpreter may not have a sandbox\r\ndefined, leading to the application being run unsandboxed. This issue\r\nwas addressed by creating the sandbox based on the identity of the\r\nscript.\r\nCVE-ID\r\nCVE-2013-5154 : evad3rs\r\n\r\nSandbox\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Applications can cause a system hang\r\nDescription: Malicious third-party applications that wrote specific\r\nvalues to the /dev/random device could force the CPU to enter an\r\ninfinite loop. This issue was addressed by preventing third-party\r\napplications from writing to /dev/random.\r\nCVE-ID\r\nCVE-2013-5155 : CESG\r\n\r\nSocial\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Users recent Twitter activity could be disclosed on devices\r\nwith no passcode.\r\nDescription: An issue existed where it was possible to determine\r\nwhat Twitter accounts a user had recently interacted with. This issue\r\nwas resolved by restricting access to the Twitter icon cache.\r\nCVE-ID\r\nCVE-2013-5158 : Jonathan Zdziarski\r\n\r\nSpringboard\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: A person with physical access to a device in Lost Mode may\r\nbe able to view notifications\r\nDescription: An issue existed in the handling of notifications when\r\na device is in Lost Mode. This update addresses the issue with\r\nimproved lock state management.\r\nCVE-ID\r\nCVE-2013-5153 : Daniel Stangroom\r\n\r\nTelephony\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Malicious apps could interfere with or control telephony\r\nfunctionality\r\nDescription: An access control issue existed in the telephony\r\nsubsystem. Bypassing supported APIs, sandboxed apps could make\r\nrequests directly to a system daemon interfering with or controlling\r\ntelephony functionality. This issue was addressed by enforcing access\r\ncontrols on interfaces exposed by the telephony daemon.\r\nCVE-ID\r\nCVE-2013-5156 : Jin Han of the Institute for Infocomm Research\r\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\r\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\r\nLee from the Georgia Institute of Technology\r\n\r\nTwitter\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Sandboxed apps could send tweets without user interaction or\r\npermission\r\nDescription: An access control issue existed in the Twitter\r\nsubsystem. Bypassing supported APIs, sandboxed apps could make\r\nrequests directly to a system daemon interfering with or controlling\r\nTwitter functionality. This issue was addressed by enforcing access\r\ncontrols on interfaces exposed by the Twitter daemon.\r\nCVE-ID\r\nCVE-2013-5157 : Jin Han of the Institute for Infocomm Research\r\nworking with Qiang Yan and Su Mon Kywe of Singapore Management\r\nUniversity; Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke\r\nLee from the Georgia Institute of Technology\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2013-0879 : Atte Kettunen of OUSPG\r\nCVE-2013-0991 : Jay Civelli of the Chromium development community\r\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0994 : David German of Google\r\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0997 : Vitaliy Toropov working with HP's Zero Day Initiative\r\nCVE-2013-0998 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-0999 : pa_kt working with HP's Zero Day Initiative\r\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\r\nCVE-2013-1001 : Ryan Humenick\r\nCVE-2013-1002 : Sergey Glazunov\r\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1008 : Sergey Glazunov\r\nCVE-2013-1010 : miaubiz\r\nCVE-2013-1037 : Google Chrome Security Team\r\nCVE-2013-1038 : Google Chrome Security Team\r\nCVE-2013-1039 : own-hero Research working with iDefense VCP\r\nCVE-2013-1040 : Google Chrome Security Team\r\nCVE-2013-1041 : Google Chrome Security Team\r\nCVE-2013-1042 : Google Chrome Security Team\r\nCVE-2013-1043 : Google Chrome Security Team\r\nCVE-2013-1044 : Apple\r\nCVE-2013-1045 : Google Chrome Security Team\r\nCVE-2013-1046 : Google Chrome Security Team\r\nCVE-2013-1047 : miaubiz\r\nCVE-2013-2842 : Cyril Cattiaux\r\nCVE-2013-5125 : Google Chrome Security Team\r\nCVE-2013-5126 : Apple\r\nCVE-2013-5127 : Google Chrome Security Team\r\nCVE-2013-5128 : Apple\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a malicious website may lead to information\r\ndisclosure\r\nDescription: An information disclosure issue existed in the handling\r\nof the window.webkitRequestAnimationFrame() API. A maliciously\r\ncrafted website could use an iframe to determine if another site used\r\nwindow.webkitRequestAnimationFrame(). This issue was addressed\r\nthrough improved handling of window.webkitRequestAnimationFrame().\r\nCVE-ID\r\nCVE-2013-5159\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Copying and pasting a malicious HTML snippet may lead to a\r\ncross-site scripting attack\r\nDescription: A cross-site scripting issue existed in the handling of\r\ncopied and pasted data in HTML documents. This issue was addressed\r\nthrough additional validation of pasted content.\r\nCVE-ID\r\nCVE-2013-0926 : Aditya Gupta, Subho Halder, and Dev Kar of xys3c\r\n(xysec.com)\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite scripting attack\r\nDescription: A cross-site scripting issue existed in the handling of\r\niframes. This issue was addressed through improved origin tracking.\r\nCVE-ID\r\nCVE-2013-1012 : Subodh Iyengar and Erling Ellingsen of Facebook\r\n\r\nWebKit\r\nAvailable for: iPhone 3GS and later,\r\niPod touch (4th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to an\r\ninformation disclosure\r\nDescription: An information disclosure issue existed in XSSAuditor.\r\nThis issue was addressed through improved handling of URLs.\r\nCVE-ID\r\nCVE-2013-2848 : Egor Homakov\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Dragging or pasting a selection may lead to a cross-site\r\nscripting attack\r\nDescription: Dragging or pasting a selection from one site to\r\nanother may allow scripts contained in the selection to be executed\r\nin the context of the new site. This issue is addressed through\r\nadditional validation of content before a paste or a drag and drop\r\noperation.\r\nCVE-ID\r\nCVE-2013-5129 : Mario Heiderich\r\n\r\nWebKit\r\nAvailable for: iPhone 4 and later,\r\niPod touch (5th generation) and later, iPad 2 and later\r\nImpact: Visiting a maliciously crafted website may lead to a cross-\r\nsite scripting attack\r\nDescription: A cross-site scripting issue existed in the handling of\r\nURLs. This issue was addressed through improved origin tracking.\r\nCVE-ID\r\nCVE-2013-5131 : Erling A Ellingsen\r\n\r\n\r\nInstallation note:\r\n\r\nThis update is available through iTunes and Software Update on your\r\niOS device, and will not appear in your computer's Software Update\r\napplication, or in the Apple Downloads site. Make sure you have an\r\nInternet connection and have installed the latest version of iTunes\r\nfrom www.apple.com/itunes/\r\n\r\niTunes and Software Update on the device will automatically check\r\nApple's update server on its weekly schedule. When an update is\r\ndetected, it is downloaded and the option to be installed is\r\npresented to the user when the iOS device is docked. We recommend\r\napplying the update immediately if possible. Selecting Don't Install\r\nwill present the option the next time you connect your iOS device.\r\n\r\nThe automatic update process may take up to a week depending on the\r\nday that iTunes or the device checks for updates. You may manually\r\nobtain the update via the Check for Updates button within iTunes, or\r\nthe Software Update on your device.\r\n\r\nTo check that the iPhone, iPod touch, or iPad has been updated:\r\n\r\n* Navigate to Settings\r\n* Select General\r\n* Select About. The version after applying this update\r\nwill be "7.0".\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJSOe4/AAoJEPefwLHPlZEwToUP/jUGETRBdUjwN/gMmQAtl6zN\r\n0VUMbnsNH51Lhsr15p9EHYJUL97pajT0N1gdd8Q2l+2NHkQzQLJziXgsO6VFOX7e\r\nGoLNvlbyfoE0Ac9dSm9w7yi2lVf8bjGZKmEH0DAXzZD5s0ThiqPZCjTo8rCODMH2\r\nTyQgkYtcXtrAHYaFe0dceWe3Q0ORu24cuFg0xeqX+7QvzK9mSeJWiN8OtimMzDni\r\n5Dvgn7emHiuI6f3huQ25bEXK4gjN+CGwXg2RhQ7fwm9IeBdLnH1qKrFrrMHIhbrK\r\nibvud5jLS0ltUH+XnfBkoCkBntOO11vYllti8oIGCgaa5NkVkEOKbHy9uh6riGHT\r\nKXYU/LfM8tt8Ax6iknn4mYC2QYbv7OIyzSfu/scWbeawsJb4OMx71oJrROTArgQG\r\nQthFQvFk7NSe5kQlNz+xQHI5LP/ZSHTKdwT69zPIzjWQBOdcZ+4GQvmMsbKIeZeY\r\nI2oIull2C7XYav8B0o+l4WlyEewNCOHQ8znapZnjCRKT/FF/ueG/WO0J4SEWUbQz\r\nKf24sZtFtm51QekPS3vc1XHacqJLELD8ugtgYC3hh9vUqkLV3UxpLKvI8uoOPUDt\r\nSCV3qSpaxgBQtJWUZPq0MWVTDJKzX4MEB8e1p4jZAggEzfx9AdT0s7XyGm9H/UsR\r\nGowSVGG+cJtvrngVhy3E\r\n=dNVy\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2013-10-01T00:00:00", "title": "APPLE-SA-2013-09-18-2 iOS 7", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:49", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-1045", "CVE-2013-5155", "CVE-2013-1002", "CVE-2013-5131", "CVE-2013-1005", "CVE-2013-5157", "CVE-2013-5154", "CVE-2013-5153", "CVE-2013-1038", "CVE-2013-2842", "CVE-2013-1001", "CVE-2013-1028", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-5149", "CVE-2013-1000", "CVE-2013-5140", "CVE-2013-1003", "CVE-2013-3954", "CVE-2013-0992", "CVE-2013-1043", "CVE-2013-5134", "CVE-2013-1044", "CVE-2013-0998", "CVE-2013-5126", "CVE-2013-5125", "CVE-2013-5159", "CVE-2013-1026", "CVE-2013-1004", "CVE-2013-5142", "CVE-2013-5137", "CVE-2012-2825", "CVE-2013-5156", "CVE-2013-2848", "CVE-2013-1019", "CVE-2013-3953", "CVE-2013-1025", "CVE-2013-0879", "CVE-2012-5134", "CVE-2013-1012", "CVE-2013-0993", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-5145", "CVE-2013-5152", "CVE-2013-0926", "CVE-2013-5139", "CVE-2013-0994", "CVE-2013-1036", "CVE-2013-1046", "CVE-2013-1041", "CVE-2013-5138", "CVE-2013-5150", "CVE-2013-0957", "CVE-2013-1037", "CVE-2013-0997", "CVE-2013-5147", "CVE-2013-4616", "CVE-2013-3955", "CVE-2012-2870", "CVE-2013-1010", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5151", "CVE-2013-0996", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1006", "CVE-2013-5129", "CVE-2013-5141", "CVE-2013-1008", "CVE-2011-2391", "CVE-2013-5158", "CVE-2013-1047", "CVE-2013-0999", "CVE-2012-2807", "CVE-2013-3950"], "modified": "2013-10-01T00:00:00", "id": "SECURITYVULNS:DOC:29840", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29840", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:52", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30068", "https://vulners.com/securityvulns/securityvulns:doc:29840", "https://vulners.com/securityvulns/securityvulns:doc:29841"], "description": "Multiple vulnerabilities in different system components.", "edition": 1, "reporter": "APPLE", "published": "2013-12-09T00:00:00", "title": "Apple iPhone / iPad multiple securit vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:52", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "iPhone", "version": "4", "operator": "eq"}, {"name": "iPhone", "version": "5", "operator": "eq"}, {"name": "iPhone OS", "version": "7.0", "operator": "eq"}], "cvelist": ["CVE-2013-1045", "CVE-2013-5155", "CVE-2013-1002", "CVE-2013-5131", "CVE-2013-1005", "CVE-2013-5157", "CVE-2013-5154", "CVE-2013-5153", "CVE-2013-1038", "CVE-2013-2842", "CVE-2013-1001", "CVE-2013-1028", "CVE-2012-2871", "CVE-2013-1040", "CVE-2013-5149", "CVE-2013-5140", "CVE-2013-1003", "CVE-2013-3954", "CVE-2013-0992", "CVE-2013-1043", "CVE-2013-5134", "CVE-2013-1044", "CVE-2013-0998", "CVE-2013-5126", "CVE-2013-5125", "CVE-2013-5159", "CVE-2013-1026", "CVE-2013-1004", "CVE-2013-5142", "CVE-2013-5137", "CVE-2012-2825", "CVE-2013-5156", "CVE-2013-2848", "CVE-2013-1019", "CVE-2013-3953", "CVE-2013-1025", "CVE-2013-0879", "CVE-2012-5134", "CVE-2013-1012", "CVE-2013-0993", "CVE-2013-5128", "CVE-2013-1042", "CVE-2013-5160", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-5145", "CVE-2013-5152", "CVE-2013-5161", "CVE-2013-0926", "CVE-2013-5139", "CVE-2013-0994", "CVE-2013-1036", "CVE-2013-1046", "CVE-2013-5138", "CVE-2013-5150", "CVE-2013-0957", "CVE-2013-1037", "CVE-2013-0997", "CVE-2013-5147", "CVE-2013-4616", "CVE-2013-3955", "CVE-2012-2870", "CVE-2013-1010", "CVE-2013-1039", "CVE-2011-3102", "CVE-2013-5151", "CVE-2013-0996", "CVE-2013-5127", "CVE-2012-0841", "CVE-2013-1006", "CVE-2013-5129", "CVE-2013-5141", "CVE-2013-1008", "CVE-2011-2391", "CVE-2013-5158", "CVE-2013-1047", "CVE-2013-0999", "CVE-2012-2807", "CVE-2013-3950"], "modified": "2013-12-09T00:00:00", "id": "SECURITYVULNS:VULN:13297", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13297", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:48", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2013-05-16-1 iTunes 11.0.3\r\n\r\niTunes 11.0.3 is now available and addresses the following:\r\n\r\niTunes\r\nAvailable for: Mac OS X v10.6.8 or later, Windows 7, Vista,\r\nXP SP2 or later\r\nImpact: An attacker in a privileged network position may manipulate\r\nHTTPS server certificates, leading to the disclosure of sensitive\r\ninformation\r\nDescription: A certificate validation issue existed in iTunes. In\r\ncertain contexts, an active network attacker could present untrusted\r\ncertificates to iTunes and they would be accepted without warning.\r\nThis issue was resolved by improved certificate validation.\r\nCVE-ID\r\nCVE-2013-1014 : Christopher of ThinkSECURE Pte Ltd, Christopher\r\nHickstein of University of Minnesota\r\n\r\niTunes\r\nAvailable for: Windows 7, Vista, XP SP2 or later\r\nImpact: A man-in-the-middle attack while browsing the iTunes Store\r\nvia iTunes may lead to an unexpected application termination or\r\narbitrary code executionn\r\nDescription: Multiple memory corruption issues existed in WebKit.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2012-2824 : miaubiz\r\nCVE-2012-2857 : Arthur Gerkis\r\nCVE-2012-3748 : Joost Pol and Daan Keuper of Certified Secure working\r\nwith HP TippingPoint's Zero Day Initiative\r\nCVE-2012-5112 : Pinkie Pie working with Google's Pwnium 2 contest\r\nCVE-2013-0879 : Atte Kettunen of OUSPG\r\nCVE-2013-0912 : Nils and Jon from MWR Labs working with HP\r\nTippingPoint's Zero Day Initiative\r\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0951 : Apple\r\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\r\nGoogle Chrome Security Team\r\nCVE-2013-0955 : Apple\r\nCVE-2013-0956 : Apple Product Security\r\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\r\nTeam\r\nCVE-2013-0960 : Apple\r\nCVE-2013-0961 : wushi of team509 working with iDefense VCP\r\nCVE-2013-0991 : Jay Civelli of the Chromium development community\r\nCVE-2013-0992 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-0993 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0994 : David German of Google\r\nCVE-2013-0995 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0996 : Google Chrome Security Team (Inferno)\r\nCVE-2013-0997 : Vitaliy Toropov working with HP TippingPoint's Zero\r\nDay Initiative\r\nCVE-2013-0998 : pa_kt working with HP TippingPoint's Zero Day\r\nInitiative\r\nCVE-2013-0999 : pa_kt working with HP TippingPoint's Zero Day\r\nInitiative\r\nCVE-2013-1000 : Fermin J. Serna of the Google Security Team\r\nCVE-2013-1001 : Ryan Humenick\r\nCVE-2013-1002 : Sergey Glazunov\r\nCVE-2013-1003 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1004 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1005 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1006 : Google Chrome Security Team (Martin Barbella)\r\nCVE-2013-1007 : Google Chrome Security Team (Inferno)\r\nCVE-2013-1008 : Sergey Glazunov\r\nCVE-2013-1010 : miaubiz\r\nCVE-2013-1011 : Google Chrome Security Team (Inferno)\r\n\r\n\r\niTunes 11.0.3 may be obtained from:\r\nhttp://www.apple.com/itunes/download/\r\n\r\nFor OS X:\r\nThe download file is named: "iTunes11.0.3.dmg"\r\nIts SHA-1 digest is: 83f4afc5d3b5698c811c87c27b975824116bbf1d\r\n\r\nFor Windows XP / Vista / Windows 7:\r\nThe download file is named: "iTunesSetup.exe"\r\nIts SHA-1 digest is: 1e95101b584762b3c46ab597c115cd86bfd45d64\r\n\r\nFor 64-bit Windows XP / Vista / Windows 7:\r\nThe download file is named: "iTunes64Setup.exe"\r\nIts SHA-1 digest is: 6669044bd50c1f753c8412a02556a70be09fd9f8\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJRlQ9KAAoJEPefwLHPlZEwbhcP+QHZGEAVCTw4+Z5k67ninaCS\r\nBV11pa8iySzuv0XZ9Se+CsI37IT1P3bVqEw/A+1i989Q00kaGCBNyt9m65krxNVX\r\nEhFLB8IxCfZqpM4C8ENhOkrY05iOfLx/DW7ioYM9TGTckpb6ayKkUBHkqn+bY3Hq\r\nb9rVeulzPfNsm1QtNp9eRGAL5Kq8vgEAlrMebUF1vOQ8CvGoGNplk0xRBm3Wg0im\r\ngCal7A/fwp9OQUnmlUMeASgbX+Q94ytM6RbPVXwiL1ghTK4bO2LEW1PXdp58cWhv\r\nkNtqO8eOokMl6wwLI6T69GmyfvoL7p5FcDRvuLCtzf2R9j6JgkXYMamP2Mbpr4d3\r\nxlNS2slJQfyRVELnJOv8bxl7Fi2EpBQtUe4WRk7StNWf34kwAb7lWUd1amfIWNcp\r\nlZSojjpShrA7zz82FZxt3q79Tq7Y398FH7ObcJVCWdbCI89TsoBujkP/P6lcp6mz\r\nTnRVLZq6xWnWz1SUsvM5qBfb1LjUREvKDc1anWVaiqW2BJEF0Mc87hkyL5q6YrIv\r\nVyUFBT5cJIqAKUD7MzsUjDMIsyXALVyj9zh1lJ0+c8QdCjPetk8tUg6TCun0nw95\r\nnkFYZJcHDZVLzn8rC/GoE2x8CwhFwN8ATzeS/zV9vxTJ1sHBN+ewkez8i8YTIj+y\r\n9M/53y+vsPwrcmmXCS3o\r\n=eN5K\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2013-05-27T00:00:00", "title": "APPLE-SA-2013-05-16-1 iTunes 11.0.3", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:48", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0951", "CVE-2012-2857", "CVE-2013-0992", "CVE-2013-0998", "CVE-2012-3748", "CVE-2013-0953", "CVE-2013-1004", "CVE-2012-2824", "CVE-2013-0959", "CVE-2013-0879", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0954", "CVE-2013-0994", "CVE-2013-0950", "CVE-2013-0961", "CVE-2013-1011", "CVE-2013-0952", "CVE-2013-0997", "CVE-2012-5112", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-0912", "CVE-2013-0956", "CVE-2013-1006", "CVE-2013-0948", "CVE-2013-1008", "CVE-2013-0958", "CVE-2013-0960", "CVE-2013-0999", "CVE-2013-0949", "CVE-2013-0955"], "modified": "2013-05-27T00:00:00", "id": "SECURITYVULNS:DOC:29426", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29426", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:51", "references": ["https://vulners.com/securityvulns/securityvulns:doc:29426"], "description": "Certificate validation vulnerability, multiple memory corruptions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2013-05-27T00:00:00", "title": "Apple iTunes multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:51", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "iTunes", "version": "11.0", "operator": "eq"}], "cvelist": ["CVE-2013-1014", "CVE-2013-1002", "CVE-2013-1005", "CVE-2013-1001", "CVE-2013-1000", "CVE-2013-1003", "CVE-2013-0951", "CVE-2012-2857", "CVE-2013-0992", "CVE-2013-0998", "CVE-2012-3748", "CVE-2013-0953", "CVE-2013-1004", "CVE-2012-2824", "CVE-2013-0959", "CVE-2013-0879", "CVE-2013-0993", "CVE-2013-0995", "CVE-2013-1007", "CVE-2013-0991", "CVE-2013-0954", "CVE-2013-0994", "CVE-2013-0950", "CVE-2013-0961", "CVE-2013-1011", "CVE-2013-0952", "CVE-2013-0997", "CVE-2012-5112", "CVE-2013-1010", "CVE-2013-0996", "CVE-2013-0912", "CVE-2013-0956", "CVE-2013-1006", "CVE-2013-0948", "CVE-2013-1008", "CVE-2013-0958", "CVE-2013-0960", "CVE-2013-0999", "CVE-2013-0949", "CVE-2013-0955"], "modified": "2013-05-27T00:00:00", "id": "SECURITYVULNS:VULN:13092", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13092", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:48", "references": ["https://vulners.com/securityvulns/securityvulns:doc:28605"], "description": "Information leakages, DoS conditions, memory corruptions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2012-10-05T00:00:00", "title": "libxslt multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:48", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "libxlt", "version": "1.1", "operator": "eq"}], "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-10-05T00:00:00", "id": "SECURITYVULNS:VULN:12615", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12615", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2016-09-03T18:55:58", "references": ["http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "http://support.apple.com/kb/HT5934", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2) segctl API.", "reporter": "NVD", "published": "2013-09-19T06:28:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "cve", "title": "CVE-2013-5142", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5142"], "scanner": [], "modified": "2013-10-30T23:35:29", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5142", "id": "CVE-2013-5142", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-03T18:41:48", "references": ["http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "http://www.syscan.org/index.php/sg/program/day/2", "http://support.apple.com/kb/HT5934", "http://antid0te.com/syscan_2013/SyScan2013_Mountain_Lion_iOS_Vulnerabilities_Garage_Sale_Whitepaper.pdf", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable.", "reporter": "NVD", "published": "2013-06-05T10:39:55", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CVE-2013-3950", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-3950"], "scanner": [], "modified": "2013-10-30T23:34:37", "cpe": ["cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:5.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3950", "id": "CVE-2013-3950", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-03T18:55:52", "references": ["http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "http://support.apple.com/kb/HT5934", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application.", "reporter": "NVD", "published": "2013-09-19T06:28:00", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "type": "cve", "title": "CVE-2013-5138", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5138"], "scanner": [], "modified": "2013-10-30T23:35:29", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5138", "id": "CVE-2013-5138", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T18:55:54", "references": ["http://support.apple.com/kb/HT5934", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment.", "reporter": "NVD", "published": "2013-09-19T06:28:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "cve", "title": "CVE-2013-5140", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5140"], "scanner": [], "modified": "2013-10-22T15:59:27", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5140", "id": "CVE-2013-5140", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T18:55:47", "references": [], "edition": 1, "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was assigned to an issue that is not within the scope of CVE. Notes: none.", "reporter": "NVD", "published": "2013-09-19T06:28:00", "title": "CVE-2013-5134", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5134"], "scanner": [], "modified": "2013-09-19T06:28:00", "cpe": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5134", "id": "CVE-2013-5134", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2016-09-03T18:41:51", "references": ["http://www.syscan.org/index.php/sg/program/day/2", "http://support.apple.com/kb/HT5934", "http://antid0te.com/syscan_2013/SyScan2013_Mountain_Lion_iOS_Vulnerabilities_Garage_Sale_Whitepaper.pdf", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.", "reporter": "NVD", "published": "2013-06-05T10:39:55", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "CVE-2013-3953", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-3953"], "scanner": [], "modified": "2013-10-10T23:53:13", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:mac_os_x:10.8.4", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:mac_os_x:10.8.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:mac_os_x:10.8.0", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:mac_os_x:10.8.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:mac_os_x:10.8.3", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3953", "id": "CVE-2013-3953", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-03T18:55:38", "references": ["http://support.apple.com/kb/HT6001", "http://support.apple.com/kb/HT5934", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.", "reporter": "NVD", "published": "2013-09-19T06:27:56", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "CVE-2013-5126", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5126"], "scanner": [], "modified": "2014-01-27T23:55:27", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5126", "id": "CVE-2013-5126", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-03T18:55:59", "references": ["http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "http://support.apple.com/kb/HT5934", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "http://www.securitytracker.com/id/1029054"], "edition": 1, "description": "kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.", "reporter": "NVD", "published": "2013-09-19T06:28:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "CVE-2013-5145", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-5145"], "scanner": [], "modified": "2013-10-30T23:35:30", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5145", "id": "CVE-2013-5145", "cvss": {"score": 6.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-08-29T12:17:50", "references": ["http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html", "https://code.google.com/p/chromium/issues/detail?id=158249", "http://www.ubuntu.com/usn/USN-1656-1", "http://www.debian.org/security/2012/dsa-2580", "http://www.securitytracker.com/id?1027815", "http://support.apple.com/kb/HT6001", "http://www.securityfocus.com/bid/56684", "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html", "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html", "http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d", "http://support.apple.com/kb/HT5934", "http://rhn.redhat.com/errata/RHSA-2012-1512.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:056", "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/80294", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html", "https://bugzilla.redhat.com/show_bug.cgi?id=880466", "http://rhn.redhat.com/errata/RHSA-2013-0217.html"], "edition": 2, "description": "Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.", "reporter": "NVD", "published": "2012-11-27T20:55:01", "title": "CVE-2012-5134", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-5134"], "scanner": [], "cpe": ["cpe:/a:google:chrome:23.0.1271.23", "cpe:/a:xmlsoft:libxml2:2.7.4", "cpe:/a:google:chrome:23.0.1271.61", "cpe:/a:google:chrome:23.0.1271.0", "cpe:/a:xmlsoft:libxml2:2.1.1", "cpe:/a:xmlsoft:libxml2:2.4.13", "cpe:/a:xmlsoft:libxml2:2.6.27", "cpe:/a:xmlsoft:libxml2:2.5.10", "cpe:/a:xmlsoft:libxml2:2.3.7", "cpe:/o:apple:iphone_os:1.1.0", "cpe:/a:google:chrome:23.0.1271.44", "cpe:/a:xmlsoft:libxml2:2.4.15", "cpe:/a:xmlsoft:libxml2:2.0.0", "cpe:/a:google:chrome:23.0.1271.64", "cpe:/a:xmlsoft:libxml2:2.4.28", "cpe:/a:xmlsoft:libxml2:2.6.17", "cpe:/a:google:chrome:23.0.1271.37", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/a:google:chrome:23.0.1271.24", "cpe:/a:xmlsoft:libxml2:1.8.4", "cpe:/a:xmlsoft:libxml2:2.4.18", "cpe:/a:xmlsoft:libxml2:2.4.1", "cpe:/a:google:chrome:23.0.1271.3", "cpe:/a:xmlsoft:libxml2:1.8.5", "cpe:/a:xmlsoft:libxml2:2.7.0", "cpe:/a:xmlsoft:libxml2:2.3.5", "cpe:/a:xmlsoft:libxml2:2.6.7", "cpe:/o:apple:iphone_os:5.0", "cpe:/a:xmlsoft:libxml2:2.6.2", "cpe:/a:google:chrome:23.0.1271.54", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/a:xmlsoft:libxml2:2.3.4", "cpe:/o:apple:iphone_os:3.0", "cpe:/a:xmlsoft:libxml2:1.8.1", "cpe:/a:xmlsoft:libxml2:2.4.5", "cpe:/a:xmlsoft:libxml2:2.2.6", "cpe:/o:apple:iphone_os:4.1", "cpe:/a:xmlsoft:libxml2:1.8.0", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/a:google:chrome:23.0.1271.39", "cpe:/a:google:chrome:23.0.1271.41", "cpe:/a:xmlsoft:libxml2:2.5.4", "cpe:/a:xmlsoft:libxml2:2.5.7", "cpe:/a:xmlsoft:libxml2:2.3.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/a:google:chrome:23.0.1271.19", "cpe:/a:google:chrome:23.0.1271.51", "cpe:/a:xmlsoft:libxml2:2.4.10", "cpe:/a:google:chrome:23.0.1271.16", "cpe:/a:xmlsoft:libxml2:2.4.12", "cpe:/a:xmlsoft:libxml2:2.6.20", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/a:google:chrome:23.0.1271.32", "cpe:/a:google:chrome:23.0.1271.84", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/a:xmlsoft:libxml2:2.6.11", "cpe:/a:google:chrome:23.0.1271.60", "cpe:/a:google:chrome:23.0.1271.31", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/a:xmlsoft:libxml2:2.3.12", "cpe:/a:google:chrome:23.0.1271.18", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/a:xmlsoft:libxml2:2.7.5", "cpe:/a:google:chrome:23.0.1271.56", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/a:xmlsoft:libxml2:2.6.32", "cpe:/a:xmlsoft:libxml2:2.4.24", "cpe:/a:xmlsoft:libxml2:1.7.0", "cpe:/a:xmlsoft:libxml2:2.5.11", "cpe:/a:google:chrome:23.0.1271.57", "cpe:/a:google:chrome:23.0.1271.14", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/a:xmlsoft:libxml2:2.2.0", "cpe:/a:google:chrome:23.0.1271.2", "cpe:/a:google:chrome:23.0.1271.21", "cpe:/a:google:chrome:23.0.1271.10", "cpe:/a:xmlsoft:libxml2:2.2.4", "cpe:/a:google:chrome:23.0.1271.20", "cpe:/a:xmlsoft:libxml2:2.4.26", "cpe:/a:xmlsoft:libxml2:2.6.14", "cpe:/a:xmlsoft:libxml2:2.7.7", "cpe:/a:xmlsoft:libxml2:2.2.5", "cpe:/a:xmlsoft:libxml2:2.3.0", "cpe:/a:xmlsoft:libxml2:2.6.3", "cpe:/a:xmlsoft:libxml2:2.2.0:beta", "cpe:/a:xmlsoft:libxml2:2.9.0:rc1", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/a:xmlsoft:libxml2:2.4.16", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/a:google:chrome:23.0.1271.1", "cpe:/a:xmlsoft:libxml2:2.3.10", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/a:xmlsoft:libxml2:1.7.4", "cpe:/a:xmlsoft:libxml2:2.6.18", "cpe:/a:xmlsoft:libxml2:1.8.16", "cpe:/a:google:chrome:23.0.1271.22", "cpe:/a:xmlsoft:libxml2:2.3.6", "cpe:/a:google:chrome:23.0.1271.53", "cpe:/a:xmlsoft:libxml2:2.4.30", "cpe:/a:xmlsoft:libxml2:2.6.30", "cpe:/a:google:chrome:23.0.1271.17", "cpe:/a:google:chrome:23.0.1271.36", "cpe:/a:google:chrome:23.0.1271.86", "cpe:/a:xmlsoft:libxml2:2.6.13", "cpe:/a:google:chrome:23.0.1271.46", "cpe:/a:xmlsoft:libxml2:2.4.8", "cpe:/a:xmlsoft:libxml2:2.4.29", "cpe:/a:google:chrome:23.0.1271.85", "cpe:/a:google:chrome:23.0.1271.55", "cpe:/a:google:chrome:23.0.1271.45", "cpe:/a:xmlsoft:libxml2:2.2.8", "cpe:/a:google:chrome:23.0.1271.4", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/a:google:chrome:23.0.1271.40", "cpe:/a:xmlsoft:libxml2:1.7.2", "cpe:/a:xmlsoft:libxml2:2.4.11", "cpe:/o:apple:iphone_os:4.0", "cpe:/a:google:chrome:23.0.1271.15", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/a:google:chrome:23.0.1271.58", "cpe:/a:xmlsoft:libxml2:1.8.9", "cpe:/a:xmlsoft:libxml2:2.3.8", "cpe:/a:google:chrome:23.0.1271.49", "cpe:/a:xmlsoft:libxml2:2.6.1", "cpe:/a:xmlsoft:libxml2:1.8.2", "cpe:/a:xmlsoft:libxml2:2.6.22", "cpe:/a:xmlsoft:libxml2:2.6.12", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/a:xmlsoft:libxml2:2.6.26", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/a:google:chrome:23.0.1271.35", "cpe:/a:xmlsoft:libxml2:2.4.3", "cpe:/a:google:chrome:23.0.1271.83", "cpe:/a:xmlsoft:libxml2:2.2.2", "cpe:/a:xmlsoft:libxml2:2.4.27", "cpe:/o:apple:iphone_os:3.1", "cpe:/a:xmlsoft:libxml2:2.6.8", "cpe:/a:xmlsoft:libxml2:2.4.2", "cpe:/a:xmlsoft:libxml2:2.7.3", "cpe:/a:xmlsoft:libxml2:2.3.14", "cpe:/a:google:chrome:23.0.1271.52", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/a:xmlsoft:libxml2:2.3.11", "cpe:/a:google:chrome:23.0.1271.87", "cpe:/a:xmlsoft:libxml2:2.4.6", "cpe:/a:xmlsoft:libxml2:2.4.22", "cpe:/a:xmlsoft:libxml2:2.6.9", "cpe:/a:google:chrome:23.0.1271.26", "cpe:/a:xmlsoft:libxml2:1.8.7", "cpe:/a:xmlsoft:libxml2:2.4.9", "cpe:/a:xmlsoft:libxml2:2.4.23", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/a:xmlsoft:libxml2:2.5.0", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/a:xmlsoft:libxml2:2.4.25", "cpe:/a:xmlsoft:libxml2:2.2.7", "cpe:/a:google:chrome:23.0.1271.6", "cpe:/a:xmlsoft:libxml2:2.5.8", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/a:xmlsoft:libxml2:1.8.13", "cpe:/o:apple:iphone_os:5.1", "cpe:/a:xmlsoft:libxml2:1.7.1", "cpe:/a:google:chrome:23.0.1271.7", "cpe:/a:xmlsoft:libxml2:2.7.2", "cpe:/a:google:chrome:23.0.1271.13", "cpe:/a:xmlsoft:libxml2:2.3.3", "cpe:/o:apple:iphone_os:2.2", "cpe:/a:google:chrome:23.0.1271.88", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/a:xmlsoft:libxml2:2.4.19", "cpe:/a:google:chrome:23.0.1271.33", "cpe:/a:google:chrome:23.0.1271.30", "cpe:/a:google:chrome:23.0.1271.8", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/a:xmlsoft:libxml2:2.4.4", "cpe:/a:xmlsoft:libxml2:1.7.3", "cpe:/a:xmlsoft:libxml2:2.4.14", "cpe:/a:xmlsoft:libxml2:2.3.9", "cpe:/a:xmlsoft:libxml2:2.6.6", "cpe:/a:xmlsoft:libxml2:2.6.16", "cpe:/a:xmlsoft:libxml2:2.6.5", "cpe:/a:xmlsoft:libxml2:2.4.7", "cpe:/a:google:chrome:23.0.1271.11", "cpe:/a:google:chrome:23.0.1271.50", "cpe:/a:google:chrome:23.0.1271.5", "cpe:/a:xmlsoft:libxml2:2.2.10", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/a:google:chrome:23.0.1271.12", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/a:xmlsoft:libxml2:1.8.14", "cpe:/a:xmlsoft:libxml2:2.7.6", "cpe:/a:xmlsoft:libxml2:2.6.4", "cpe:/a:xmlsoft:libxml2:2.4.17", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/a:xmlsoft:libxml2:2.2.3", "cpe:/a:xmlsoft:libxml2:2.2.11", "cpe:/o:apple:iphone_os:3.2", "cpe:/a:xmlsoft:libxml2:2.1.0", "cpe:/a:xmlsoft:libxml2:2.3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/a:google:chrome:23.0.1271.62", "cpe:/a:xmlsoft:libxml2:1.8.6", "cpe:/a:xmlsoft:libxml2:2.4.21", "cpe:/a:xmlsoft:libxml2:2.9.0", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/a:google:chrome:23.0.1271.38", "cpe:/a:xmlsoft:libxml2:1.8.3", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1", "cpe:/a:xmlsoft:libxml2:2.4.20", "cpe:/a:xmlsoft:libxml2:2.3.13", "cpe:/a:xmlsoft:libxml2:2.2.9", "cpe:/a:xmlsoft:libxml2:2.7.1", "cpe:/a:xmlsoft:libxml2:2.2.1", "cpe:/a:google:chrome:23.0.1271.89", "cpe:/a:xmlsoft:libxml2:1.8.10", "cpe:/a:xmlsoft:libxml2:2.6.0"], "modified": "2017-08-28T21:32:31", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5134", "id": "CVE-2012-5134", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-29T12:17:19", "references": ["http://code.google.com/p/chromium/issues/detail?id=125462", "http://support.apple.com/kb/HT6001", "http://www.mandriva.com/security/advisories?name=MDVSA-2012:098", "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html", "http://support.apple.com/kb/HT5934", "https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.html", "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2013:056", "http://www.securitytracker.com/id?1027067", "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html", "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/75607", "http://www.debian.org/security/2012/dsa-2479", "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html", "http://rhn.redhat.com/errata/RHSA-2013-0217.html", "http://www.securityfocus.com/bid/53540"], "description": "Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.", "edition": 3, "reporter": "NVD", "published": "2012-05-15T20:55:03", "title": "CVE-2011-3102", "type": "cve", "enchantments": {"score": {"modified": "2017-12-29T12:17:19", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2011-3102"], "scanner": [], "modified": "2017-12-28T21:29:02", "cpe": ["cpe:/o:apple:iphone_os:1.1.0", "cpe:/o:apple:iphone_os:4.2.1", "cpe:/o:apple:iphone_os:5.0", "cpe:/o:apple:iphone_os:2.0.0", "cpe:/o:apple:iphone_os:3.0", "cpe:/o:apple:iphone_os:4.1", "cpe:/o:apple:iphone_os:2.2.1", "cpe:/o:apple:iphone_os:6.0", "cpe:/o:apple:iphone_os:2.0.1", "cpe:/o:apple:iphone_os:6.1.3", "cpe:/o:apple:iphone_os:4.3.0", "cpe:/o:apple:iphone_os:4.2.5", "cpe:/o:apple:iphone_os:3.0.1", "cpe:/o:apple:iphone_os:5.1.1", "cpe:/o:apple:iphone_os:6.0.1", "cpe:/o:apple:iphone_os:4.3.2", "cpe:/o:apple:iphone_os:6.1.4", "cpe:/o:apple:iphone_os:6.1.2", "cpe:/o:apple:iphone_os:4.0.2", "cpe:/o:apple:iphone_os:3.1.3", "cpe:/o:apple:iphone_os:4.0.1", "cpe:/o:apple:iphone_os:6.1", "cpe:/o:apple:iphone_os:2.1", "cpe:/o:apple:iphone_os:4.0", "cpe:/o:apple:iphone_os:2.0", "cpe:/o:apple:iphone_os:1.1.2", "cpe:/a:google:chrome:19.0.1084.45", "cpe:/o:apple:iphone_os:6.0.2", "cpe:/o:apple:iphone_os:1.1.4", "cpe:/o:apple:iphone_os:3.1", "cpe:/o:apple:iphone_os:4.2.8", "cpe:/o:apple:iphone_os:4.3.3", "cpe:/o:apple:iphone_os:5.0.1", "cpe:/o:apple:iphone_os:1.1.1", "cpe:/o:apple:iphone_os:5.1", "cpe:/o:apple:iphone_os:2.2", "cpe:/o:apple:iphone_os:3.2.1", "cpe:/o:apple:iphone_os:2.0.2", "cpe:/o:apple:iphone_os:1.1.3", "cpe:/o:apple:iphone_os:1.0.2", "cpe:/o:apple:iphone_os:2.1.1", "cpe:/o:apple:iphone_os:3.2.2", "cpe:/o:apple:iphone_os:3.2", "cpe:/o:apple:iphone_os:3.1.2", "cpe:/o:apple:iphone_os:1.1.5", "cpe:/o:apple:iphone_os:1.0.0", "cpe:/o:apple:iphone_os:1.0.1", "cpe:/o:apple:iphone_os:4.3.5", "cpe:/o:apple:iphone_os:4.3.1"], "id": "CVE-2011-3102", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3102", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "vmware": [{"lastseen": "2018-09-02T02:40:31", "references": [], "affectedPackage": [{"OS": "Windows", "OSVersion": "any", "packageVersion": "4.1 Update 3a", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vSphere Client", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "2.5 Update 6c", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "VirtualCenter", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "4.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "4.1 Update 3a", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter Server", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "4.0", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "eq"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "3.5", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "eq"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi400-201302403-SG (vSphere client)", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-201305402-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX410-201301405-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXe350-201302403-C-SG (vSphere client)", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX410-201301402-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX410-201301403-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX400-201302401-SG (includes vSphere client)", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESXi", "OSVersion": "any", "packageVersion": "ESXi410-201301401-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESXi", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "4.0 Update 4b", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vCenter Server", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "2.5 Update 6c", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "VI-Client", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX410-201301401-SG", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "ESX", "OSVersion": "any", "packageVersion": "ESX350-201302401-SG (includes vSphere client)", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "ESX", "operator": "lt"}, {"OS": "Windows", "OSVersion": "any", "packageVersion": "4.0 Update 4b", "arch": "any", "packageFilename": "UNKNOWN", "packageName": "vSphere Client", "operator": "lt"}], "description": "a. VMware vSphere client-side authentication memory corruption vulnerability \n \nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere Client or ESX to interact with a malicious server as a client. Exploitation of the issue may lead to code execution on the client system. \nTo reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network. \n \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2013-1405 to this issue. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "edition": 3, "reporter": "VMware", "published": "2013-01-31T00:00:00", "title": "VMware vSphere security updates for the authentication service and third party libraries", "type": "vmware", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2013-05-30T00:00:00", "id": "VMSA-2013-0001", "href": "https://www.vmware.com/security/advisories/VMSA-2013-0001.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:39:50", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "references": [], "enchantments_done": [], "description": "BUGTRAQ ID: 62369\r\nCVE(CAN) ID: CVE-2013-1026\r\n\r\nApple Mac OS X\u662f\u82f9\u679c\u7535\u8111\u64cd\u4f5c\u7cfb\u7edf\u8f6f\u4ef6\u3002\r\n\r\nMac OS X 10.8 - 10.8.4\u5728\u5904\u7406PDF\u6587\u4ef6\u5185JPEG2000\u7f16\u7801\u7684\u6570\u636e\u65f6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684PDF\u6587\u4ef6\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u5e94\u7528\u7ec8\u6b62\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nApple Mac OS X 10.8 - 10.8.4\r\nApple Mac OS X\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApple\r\n-----\r\nApple\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08HT5880\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nHT5880\uff1aAbout the security content of OS X Mountain Lion v10.8.5 and Security Update 2013-004\r\n\u94fe\u63a5\uff1ahttp://support.apple.com/kb/HT5880\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1ahttp://www.apple.com/support/downloads/", "reporter": "Root", "published": "2013-09-16T00:00:00", "type": "seebug", "title": "Apple MAC OS X ImageIO \u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e(CVE-2013-1026)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2013-1026"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2013-09-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61017", "id": "SSV:61017", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "status": "cve,details"}, {"lastseen": "2017-11-19T17:40:17", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 62368\r\nCVE(CAN) ID: CVE-2013-1025\r\n\r\nApple Mac OS X\u662f\u82f9\u679c\u7535\u8111\u64cd\u4f5c\u7cfb\u7edf\u8f6f\u4ef6\u3002\r\n\r\nMac OS X 10.8 - 10.8.4\u5728\u5904\u7406PDF\u6587\u4ef6\u5185JBIG2\u7f16\u7801\u7684\u6570\u636e\u65f6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684PDF\u6587\u4ef6\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u5e94\u7528\u7ec8\u6b62\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n0\r\nApple Mac OS X 10.8 - 10.8.4\r\nApple Mac OS X\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApple\r\n-----\r\nApple\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08HT5880\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nHT5880\uff1aAbout the security content of OS X Mountain Lion v10.8.5 and Security Update 2013-004\r\n\u94fe\u63a5\uff1ahttp://support.apple.com/kb/HT5880\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1ahttp://www.apple.com/support/downloads/", "reporter": "Root", "published": "2013-09-16T00:00:00", "title": "Apple Mac OS X PDF\u6587\u4ef6\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e(CVE-2013-1025)", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2013-1025"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2013-09-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61023", "id": "SSV:61023", "sourceData": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "", "status": "cve,details"}, {"lastseen": "2017-11-19T17:42:20", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE-2013-3950\r\n\r\nApple iOS\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\u652f\u6301\u7684\u8bbe\u5907\u5305\u62eciPhone\u3001iPod Touch\u3001iPad\u3001Apple TV\u3002\r\n\r\nApple iOS 5.1.x\u7248\u672c\u548c6.x\u81f36.1.3\u7248\u672c\u4e2d\u7684dyld\u4e2d\u7684dyld.cpp\u4e2d\u7684\u2018openSharedCacheFile\u2019\u51fd\u6570\u4e2d\u5b58\u5728\u57fa\u4e8e\u6808\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7DYLD_SHARED_CACHE_DIR\u73af\u5883\u53d8\u91cf\u4e2d\u8f83\u957f\u7684\u5b57\u7b26\u4e32\u5229\u7528\u8be5\u6f0f\u6d1e\u5b9e\u65bd\u8d8a\u72f1\u653b\u51fb\u3002\n0\nApple iOS 5.1.x\r\nApple iOS 6.x\r\nApple iOS 6.1.3\n\u76ee\u524d\u5382\u5546\u8fd8\u6ca1\u6709\u63d0\u4f9b\u6b64\u6f0f\u6d1e\u7684\u76f8\u5173\u8865\u4e01\u6216\u8005\u5347\u7ea7\u7a0b\u5e8f\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u7684\u4e3b\u9875\u4ee5\u83b7\u53d6\u6700\u65b0\u7248\u672c\uff1a\r\n\r\nhttp://www.apple.com/", "reporter": "Root", "published": "2013-06-06T00:00:00", "title": "Apple iOS \u2018openSharedCacheFile\u2019\u51fd\u6570\u57fa\u4e8e\u6808\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2013-3950"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2013-06-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60830", "id": "SSV:60830", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "", "status": "details"}], "amazon": [{"lastseen": "2016-09-28T21:03:56", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1265.html"], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "x86_64", "packageFilename": "libxslt-python-1.1.26-2.7.amzn1.x86_64", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "src", "packageFilename": "libxslt-1.1.26-2.7.amzn1.src", "packageName": "libxslt", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "x86_64", "packageFilename": "libxslt-devel-1.1.26-2.7.amzn1.x86_64", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "x86_64", "packageFilename": "libxslt-debuginfo-1.1.26-2.7.amzn1.x86_64", "packageName": "libxslt-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "x86_64", "packageFilename": "libxslt-1.1.26-2.7.amzn1.x86_64", "packageName": "libxslt", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "i686", "packageFilename": "libxslt-debuginfo-1.1.26-2.7.amzn1.i686", "packageName": "libxslt-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "i686", "packageFilename": "libxslt-devel-1.1.26-2.7.amzn1.i686", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "i686", "packageFilename": "libxslt-python-1.1.26-2.7.amzn1.i686", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "1.1.26-2.7", "arch": "i686", "packageFilename": "libxslt-1.1.26-2.7.amzn1.i686", "packageName": "libxslt", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nA heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. ([CVE-2012-2871 __](<https://access.redhat.com/security/cve/CVE-2012-2871>))\n\nSeveral denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash. ([CVE-2012-2825 __](<https://access.redhat.com/security/cve/CVE-2012-2825>), [CVE-2012-2870 __](<https://access.redhat.com/security/cve/CVE-2012-2870>), [CVE-2011-3970 __](<https://access.redhat.com/security/cve/CVE-2011-3970>))\n\nAn information leak could occur if an application using libxslt processed an untrusted XPath expression, or used a malicious XSL file to perform an XSL transformation. If combined with other flaws, this leak could possibly help an attacker bypass intended memory corruption protections. ([CVE-2011-1202 __](<https://access.redhat.com/security/cve/CVE-2011-1202>))\n\n \n**Affected Packages:** \n\n\nlibxslt\n\n \n**Issue Correction:** \nRun _yum update libxslt_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n libxslt-python-1.1.26-2.7.amzn1.i686 \n libxslt-1.1.26-2.7.amzn1.i686 \n libxslt-devel-1.1.26-2.7.amzn1.i686 \n libxslt-debuginfo-1.1.26-2.7.amzn1.i686 \n \n src: \n libxslt-1.1.26-2.7.amzn1.src \n \n x86_64: \n libxslt-devel-1.1.26-2.7.amzn1.x86_64 \n libxslt-debuginfo-1.1.26-2.7.amzn1.x86_64 \n libxslt-python-1.1.26-2.7.amzn1.x86_64 \n libxslt-1.1.26-2.7.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2012-09-22T21:33:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "amazon", "title": "Important: libxslt", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2014-09-14T17:00:00", "id": "ALAS-2012-123", "href": "https://alas.aws.amazon.com/ALAS-2012-123.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-28T21:04:00", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1288.html"], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "src", "packageFilename": "libxml2-2.7.8-9.22.amzn1.src", "packageName": "libxml2", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "i686", "packageFilename": "libxml2-2.7.8-9.22.amzn1.i686", "packageName": "libxml2", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "x86_64", "packageFilename": "libxml2-python-2.7.8-9.22.amzn1.x86_64", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "x86_64", "packageFilename": "libxml2-2.7.8-9.22.amzn1.x86_64", "packageName": "libxml2", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "i686", "packageFilename": "libxml2-python-2.7.8-9.22.amzn1.i686", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "i686", "packageFilename": "libxml2-static-2.7.8-9.22.amzn1.i686", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "i686", "packageFilename": "libxml2-debuginfo-2.7.8-9.22.amzn1.i686", "packageName": "libxml2-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.8-9.22.amzn1.x86_64", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "i686", "packageFilename": "libxml2-devel-2.7.8-9.22.amzn1.i686", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "x86_64", "packageFilename": "libxml2-static-2.7.8-9.22.amzn1.x86_64", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.8-9.22", "arch": "x86_64", "packageFilename": "libxml2-debuginfo-2.7.8-9.22.amzn1.x86_64", "packageName": "libxml2-debuginfo", "operator": "lt"}], "edition": 1, "description": "**Issue Overview:**\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. ([CVE-2012-2807 __](<https://access.redhat.com/security/cve/CVE-2012-2807>))\n\nA one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. ([CVE-2011-3102 __](<https://access.redhat.com/security/cve/CVE-2011-3102>))\n\n \n**Affected Packages:** \n\n\nlibxml2\n\n \n**Issue Correction:** \nRun _yum update libxml2_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n libxml2-debuginfo-2.7.8-9.22.amzn1.i686 \n libxml2-static-2.7.8-9.22.amzn1.i686 \n libxml2-devel-2.7.8-9.22.amzn1.i686 \n libxml2-2.7.8-9.22.amzn1.i686 \n libxml2-python-2.7.8-9.22.amzn1.i686 \n \n src: \n libxml2-2.7.8-9.22.amzn1.src \n \n x86_64: \n libxml2-2.7.8-9.22.amzn1.x86_64 \n libxml2-debuginfo-2.7.8-9.22.amzn1.x86_64 \n libxml2-devel-2.7.8-9.22.amzn1.x86_64 \n libxml2-python-2.7.8-9.22.amzn1.x86_64 \n libxml2-static-2.7.8-9.22.amzn1.x86_64 \n \n \n", "reporter": "Amazon", "published": "2012-10-15T12:20:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "amazon", "title": "Medium: libxml2", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102", "CVE-2012-2807"], "modified": "2014-09-14T17:10:00", "id": "ALAS-2012-134", "href": "https://alas.aws.amazon.com/ALAS-2012-134.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:39:22", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "x86_64", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.x86_64.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "x86_64", "packageFilename": "libxslt-python-1.1.26-2.0.2.el6_3.1.x86_64.rpm", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "x86_64", "packageFilename": "libxslt-1.1.26-2.0.2.el6_3.1.x86_64.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "ia64", "packageFilename": "libxslt-python-1.1.17-4.0.1.el5_8.3.ia64.rpm", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-devel-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-devel-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "ia64", "packageFilename": "libxslt-devel-1.1.17-4.0.1.el5_8.3.ia64.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "i686", "packageFilename": "libxslt-python-1.1.26-2.0.2.el6_3.1.i686.rpm", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "ia64", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.ia64.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "x86_64", "packageFilename": "libxslt-devel-1.1.17-4.0.1.el5_8.3.x86_64.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "x86_64", "packageFilename": "libxslt-devel-1.1.26-2.0.2.el6_3.1.x86_64.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "x86_64", "packageFilename": "libxslt-python-1.1.17-4.0.1.el5_8.3.x86_64.rpm", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "i386", "packageFilename": "libxslt-python-1.1.17-4.0.1.el5_8.3.i386.rpm", "packageName": "libxslt-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "src", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.src.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "src", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.src.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.1.17-4.0.1.el5_8.3", "arch": "src", "packageFilename": "libxslt-1.1.17-4.0.1.el5_8.3.src.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "src", "packageFilename": "libxslt-1.1.26-2.0.2.el6_3.1.src.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "src", "packageFilename": "libxslt-1.1.26-2.0.2.el6_3.1.src.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "i686", "packageFilename": "libxslt-devel-1.1.26-2.0.2.el6_3.1.i686.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "i686", "packageFilename": "libxslt-devel-1.1.26-2.0.2.el6_3.1.i686.rpm", "packageName": "libxslt-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "i686", "packageFilename": "libxslt-1.1.26-2.0.2.el6_3.1.i686.rpm", "packageName": "libxslt", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1.26-2.0.2.el6_3.1", "arch": "i686", "packageFilename": "libxslt-1.1.26-2.0.2.el6_3.1.i686.rpm", "packageName": "libxslt", "operator": "lt"}], "description": "[1.1.26-2.0.2.el6_3.1]\n- Increment release to avoid ULN conflict with previous release.\n[1.1.26-2.0.1.el6_3.1]\n- Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball\n[1.1.26-2.el6_3.1]\n- fixes CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870\n- Fix direct pattern matching bug\n- Fix popping of vars in xsltCompilerNodePop\n- Fix bug 602515\n- Fix generate-id() to not expose object addresses (CVE-2011-1202)\n- Fix some case of pattern parsing errors (CVE-2011-3970)\n- Fix a bug in selecting XSLT elements (CVE-2012-2825)\n- Fix portability to upcoming libxml2-2.9.0\n- Fix default template processing on namespace nodes (CVE-2012-2871)\n- Cleanup of the pattern compilation code (CVE-2012-2870)\n- Hardening of code checking node types in various entry point (CVE-2012-2870)\n- Hardening of code checking node types in EXSLT (CVE-2012-2870)\n- Fix system-property with unknown namespace\n- Xsltproc should return an error code if xinclude fails\n- Fix a dictionary string usage\n- Avoid a heap use after free error", "edition": 3, "reporter": "Oracle", "published": "2012-09-13T00:00:00", "title": "libxslt security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-13T00:00:00", "id": "ELSA-2012-1265", "href": "http://linux.oracle.com/errata/ELSA-2012-1265.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:41:11", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "src", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.3.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "src", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.3.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-static-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "x86_64", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.3.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "x86_64", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "x86_64", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "x86_64", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "x86_64", "packageFilename": "libxml2-python-2.7.6-8.0.1.el6_3.3.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.3.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "x86_64", "packageFilename": "libxml2-static-2.7.6-8.0.1.el6_3.3.x86_64.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "ia64", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-python-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "ia64", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "i386", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.3", "arch": "i686", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.3.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.5", "arch": "ia64", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpm", "packageName": "libxml2", "operator": "lt"}], "description": "[2.7.6-8.0.1.el6_3.3 ]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2.7.6-8.el6_3.3]\n- Change the XPath code to percolate allocation error (CVE-2011-1944)\n[2.7.6-8.el6_3.2]\n- Fix an off by one pointer access (CVE-2011-3102)\n[2.7.6-8.el6_3.1]\n- Fix a failure to report xmlreader parsing failures\n- Fix parser local buffers size problems (rhbz#843741)\n- Fix entities local buffers size problems (rhbz#843741)\n- Fix an error in previous commit (rhbz#843741)\n- Do not fetch external parsed entities\n- Impose a reasonable limit on attribute size (rhbz#843741)\n- Impose a reasonable limit on comment size (rhbz#843741)\n- Impose a reasonable limit on PI size (rhbz#843741)\n- Cleanups and new limit APIs for dictionaries (rhbz#843741)\n- Introduce some default parser limits (rhbz#843741)\n- Implement some default limits in the XPath module\n- Fixup limits parser (rhbz#843741)\n- Enforce XML_PARSER_EOF state handling through the parser\n- Avoid quadratic behaviour in some push parsing cases (rhbz#843741)\n- More avoid quadratic behaviour (rhbz#843741)\n- Strengthen behaviour of the push parser in problematic situations (rhbz#843741)\n- More fixups on the push parser behaviour (rhbz#843741)\n- Fix a segfault on XSD validation on pattern error\n- Fix an unimplemented part in RNG value validation\n[2.7.6-8.el6]\n- remove chunk in patch related to configure.in as it breaks rebuild\n- Resolves: rhbz#788846\n[2.7.6-7.el6]\n- fix previous build to force compilation of randomization code\n- Resolves: rhbz#788846\n[2.7.6-6.el6]\n- adds randomization to hash and dict structures CVE-2012-0841\n- Resolves: rhbz#788846\n[2.7.6-5.el6]\n- Make sure the parser returns when getting a Stop order CVE-2011-3905\n- Fix an allocation error when copying entities CVE-2011-3919\n- Resolves: rhbz#771910", "edition": 3, "reporter": "Oracle", "published": "2012-09-18T00:00:00", "title": "libxml2 security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-3905", "CVE-2011-3919", "CVE-2011-3102", "CVE-2012-0841", "CVE-2011-1944", "CVE-2012-2807"], "modified": "2012-09-18T00:00:00", "id": "ELSA-2012-1288", "href": "http://linux.oracle.com/errata/ELSA-2012-1288.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:30", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.6-12.0.1.el6_4.1.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "ia64", "packageFilename": "libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "x86_64", "packageFilename": "libxml2-2.7.6-12.0.1.el6_4.1.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-python-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "x86_64", "packageFilename": "libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "ia64", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "ia64", "packageFilename": "libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "x86_64", "packageFilename": "libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-static-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "x86_64", "packageFilename": "libxml2-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "x86_64", "packageFilename": "libxml2-static-2.7.6-12.0.1.el6_4.1.x86_64.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "src", "packageFilename": "libxml2-2.7.6-12.0.1.el6_4.1.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "src", "packageFilename": "libxml2-2.7.6-12.0.1.el6_4.1.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "i686", "packageFilename": "libxml2-2.7.6-12.0.1.el6_4.1.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-12.0.1.el6_4.1", "arch": "x86_64", "packageFilename": "libxml2-python-2.7.6-12.0.1.el6_4.1.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.21.0.1.el5_9.1", "arch": "i386", "packageFilename": "libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm", "packageName": "libxml2-python", "operator": "lt"}], "description": "[2.7.6-12.0.1.el6_4.1]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2.7.6-12.el6_4.1]\n-detect and stop excessive entities expansion upon replacement (rhbz#912574)\n[2.7.6-12.el6]\n- fix out of range heap access (CVE-2012-5134)\n[2.7.6-11.el6]\n- Change the XPath code to percolate allocation error (CVE-2011-1944)\n[2.7.6-10.el6]\n- Fix an off by one pointer access (CVE-2011-3102)\n[2.7.6-9.el6]\n- Fix a failure to report xmlreader parsing failures\n- Fix parser local buffers size problems (rhbz#843742)\n- Fix entities local buffers size problems (rhbz#843742)\n- Fix an error in previous commit (rhbz#843742)\n- Do not fetch external parsed entities\n- Impose a reasonable limit on attribute size (rhbz#843742)\n- Impose a reasonable limit on comment size (rhbz#843742)\n- Impose a reasonable limit on PI size (rhbz#843742)\n- Cleanups and new limit APIs for dictionaries (rhbz#843742)\n- Introduce some default parser limits (rhbz#843742)\n- Implement some default limits in the XPath module\n- Fixup limits parser (rhbz#843742)\n- Enforce XML_PARSER_EOF state handling through the parser\n- Avoid quadratic behaviour in some push parsing cases (rhbz#843742)\n- More avoid quadratic behaviour (rhbz#843742)\n- Strengthen behaviour of the push parser in problematic situations (rhbz#843742)\n- More fixups on the push parser behaviour (rhbz#843742)\n- Fix a segfault on XSD validation on pattern error\n- Fix an unimplemented part in RNG value validation", "edition": 3, "reporter": "Oracle", "published": "2013-02-28T00:00:00", "title": "libxml2 security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0338", "CVE-2012-5134", "CVE-2011-3102", "CVE-2011-1944"], "modified": "2013-02-28T00:00:00", "id": "ELSA-2013-0581", "href": "http://linux.oracle.com/errata/ELSA-2013-0581.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:37:43", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "x86_64", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.4.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "x86_64", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.6.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "x86_64", "packageFilename": "libxml2-python-2.7.6-8.0.1.el6_3.4.x86_64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "ia64", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.6.ia64.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "x86_64", "packageFilename": "libxml2-static-2.7.6-8.0.1.el6_3.4.x86_64.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.4.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "x86_64", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.6.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "ia64", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.ia64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "x86_64", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "ia64", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.6.ia64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-devel-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-python-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "src", "packageFilename": "libxml2-2.6.26-2.1.15.0.1.el5_8.6.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "i686", "packageFilename": "libxml2-static-2.7.6-8.0.1.el6_3.4.i686.rpm", "packageName": "libxml2-static", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-python-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.0.1.el5_8.6", "arch": "i386", "packageFilename": "libxml2-devel-2.6.26-2.1.15.0.1.el5_8.6.i386.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "src", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.4.src.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.6-8.0.1.el6_3.4", "arch": "src", "packageFilename": "libxml2-2.7.6-8.0.1.el6_3.4.src.rpm", "packageName": "libxml2", "operator": "lt"}], "description": "[2.7.6-8.0.1.el6_3.4 ]\n- Update doc/redhat.gif in tarball\n- Add libxml2-oracle-enterprise.patch and update logos in tarball\n[2.7.6-8.el6_3.4]\n- fix out of range heap access (CVE-2012-5134)", "edition": 3, "reporter": "Oracle", "published": "2012-11-29T00:00:00", "title": "libxml2 security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-5134"], "modified": "2012-11-29T00:00:00", "id": "ELSA-2012-1512", "href": "http://linux.oracle.com/errata/ELSA-2012-1512.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:24:42", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1288.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "any", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "any", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2012:1288\n\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way libxml2 handled documents that enable entity\nexpansion. A remote attacker could provide a large, specially-crafted XML\nfile that, when opened in an application linked against libxml2, would\ncause the application to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-2807)\n\nA one byte buffer overflow was found in the way libxml2 evaluated certain\nparts of XML Pointer Language (XPointer) expressions. A remote attacker\ncould provide a specially-crafted XML file that, when opened in an\napplication linked against libxml2, would cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2011-3102)\n\nAll users of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop must\nbe restarted (log out, then log back in) for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/018891.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/018896.html\n\n**Affected packages:**\nlibxml2\nlibxml2-devel\nlibxml2-python\nlibxml2-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1288.html", "edition": 1, "reporter": "CentOS Project", "published": "2012-09-18T14:22:15", "title": "libxml2 security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102", "CVE-2012-2807"], "modified": "2012-09-20T11:54:36", "href": "http://lists.centos.org/pipermail/centos-announce/2012-September/018891.html", "id": "CESA-2012:1288", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:25:47", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1265.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.i386.rpm", "packageName": "libxslt-python", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.x86_64.rpm", "packageName": "libxslt-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-1.1.17-4.el5_8.3.src.rpm", "packageName": "libxslt", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.i686.rpm", "packageName": "libxslt-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.i686.rpm", "packageName": "libxslt-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.x86_64.rpm", "packageName": "libxslt-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-1.1.17-4.el5_8.3.x86_64.rpm", "packageName": "libxslt", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.x86_64.rpm", "packageName": "libxslt-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-1.1.26-2.el6_3.1.x86_64.rpm", "packageName": "libxslt", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.x86_64.rpm", "packageName": "libxslt-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.i386.rpm", "packageName": "libxslt-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.i386.rpm", "packageName": "libxslt-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-1.1.26-2.el6_3.1.i686.rpm", "packageName": "libxslt", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-1.1.26-2.el6_3.1.i686.rpm", "packageName": "libxslt", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-1.1.17-4.el5_8.3.i386.rpm", "packageName": "libxslt", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "packageFilename": "libxslt-1.1.17-4.el5_8.3.i386.rpm", "packageName": "libxslt", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.i686.rpm", "packageName": "libxslt-python", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "packageFilename": "libxslt-1.1.26-2.el6_3.1.src.rpm", "packageName": "libxslt", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2012:1265\n\n\nlibxslt is a library for transforming XML files into other textual formats\n(including HTML, plain text, and other XML representations of the\nunderlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could use\nthis flaw to create a malicious XSL file that, when used by an application\nlinked against libxslt to perform an XSL transformation, could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker could\nuse these flaws to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation, could\ncause the application to crash. (CVE-2012-2825, CVE-2012-2870,\nCVE-2011-3970)\n\nAn information leak could occur if an application using libxslt processed\nan untrusted XPath expression, or used a malicious XSL file to perform an\nXSL transformation. If combined with other flaws, this leak could possibly\nhelp an attacker bypass intended memory corruption protections.\n(CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. All running\napplications linked against libxslt must be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\n\n**Affected packages:**\nlibxslt\nlibxslt-devel\nlibxslt-python\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1265.html", "edition": 1, "reporter": "CentOS Project", "published": "2012-09-13T14:02:29", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "libxslt security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-09-13T16:54:25", "href": "http://lists.centos.org/pipermail/centos-announce/2012-September/018871.html", "id": "CESA-2012:1265", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:26:16", "references": ["https://rhn.redhat.com/errata/RHSA-2012-1512.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.6.x86_64.rpm", "packageName": "libxml2-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-static-2.7.6-8.el6_3.4.x86_64.rpm", "packageName": "libxml2-static", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm", "packageName": "libxml2", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.6.i386.rpm", "packageName": "libxml2", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm", "packageName": "libxml2-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.6.i386.rpm", "packageName": "libxml2-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-2.7.6-8.el6_3.4.x86_64.rpm", "packageName": "libxml2", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-python-2.7.6-8.el6_3.4.x86_64.rpm", "packageName": "libxml2-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.6.src.rpm", "packageName": "libxml2", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.6.x86_64.rpm", "packageName": "libxml2-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.4.x86_64.rpm", "packageName": "libxml2-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.6.x86_64.rpm", "packageName": "libxml2", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-static-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2-static", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-2.7.6-8.el6_3.4.src.rpm", "packageName": "libxml2", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.6", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.6.i386.rpm", "packageName": "libxml2-python", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.4", "packageFilename": "libxml2-python-2.7.6-8.el6_3.4.i686.rpm", "packageName": "libxml2-python", "arch": "i686", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2012:1512\n\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nA heap-based buffer underflow flaw was found in the way libxml2 decoded\ncertain entities. A remote attacker could provide a specially-crafted XML\nfile that, when opened in an application linked against libxml2, would\ncause the application to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-5134)\n\nAll users of libxml2 are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. The desktop must be\nrestarted (log out, then log back in) for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-November/019018.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-November/019019.html\n\n**Affected packages:**\nlibxml2\nlibxml2-devel\nlibxml2-python\nlibxml2-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1512.html", "edition": 1, "reporter": "CentOS Project", "published": "2012-11-29T20:24:03", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "libxml2 security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5134"], "modified": "2012-11-29T21:27:43", "href": "http://lists.centos.org/pipermail/centos-announce/2012-November/019018.html", "id": "CESA-2012:1512", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "thn": [{"lastseen": "2018-01-27T10:07:05", "_object_types": ["robots.models.thn.ThnBulletin", "robots.models.base.Bulletin"], "references": [], "description": "[](<https://2.bp.blogspot.com/-ph9849etA0Y/VbJBYm7PQnI/AAAAAAAAjrQ/Eko3iTWiNrc/s1600/android-hacking-tool.jpg>)\n\nAs digging deeper and deeper into the [huge Hacking Team data dump](<https://thehackernews.com/2015/07/Italian-hacking-team-software.html>), security researchers are finding more and more source code, including an advanced Android Hacking Tool.\n\n \n\n\nYes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to infect millions of Android devices even when users are running latest versions of the android mobile operating system.\n\n \n\n\nTrend Micro researchers [found](<http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/>) that the Italian spyware company was selling **RCSAndroid (Remote Control System Android)**, which they says, is one of the_ \"most professionally developed and sophisticated\"_ pieces of Android malware a.k.a Android hacking tool they have ever seen.\n\n \n\n\nRCSAndroid is a sophisticated, real-world surveillance and hacking tool that provides even unskilled hackers to deploy one of the world's more advanced surveillance suites for Google's mobile operating system Android.\n\n \n\n\n### List of Creepy Features of Android Hacking Tool\n\n \n\n\nOnce installed on targets' devices, RCSAndroid would have helped government and law enforcement agencies around the world to completely compromise and monitor Android devices remotely. \n\n \n\n\nHere are some of the features of RCSAndroid include the ability to:\n\n * Capture screenshots using the 'screencap' command and framebuffer direct reading\n * Collect passwords for Wi-Fi networks and online accounts, including WhatsApp, Facebook, Twitter, Google, Skype, and LinkedIn\n * Collect SMS, MMS, and Gmail messages\n * Capture real-time voice calls in any network or application by hooking into the 'mediaserver' system service\n * Capture photos using the front and back cameras\n * Monitor clipboard content\n * Record using the microphone\n * Record location\n * Gather device information\n * Collect contacts and decode messages from IM accounts, including WhatsApp, Telegram, Facebook Messenger, Skype, WeChat, Viber, Line, Hangouts, and BlackBerry Messenger.\n \n\n\nRCSAndroid Android hacking tool had been in the wild since 2012 and has been known to Citizen Lab researchers since last year when the security firm [detailed a Hacking Team backdoor](<https://thehackernews.com/2014/02/hacking-team-sold-spyware-to-21.html>) used against Android users in Saudi Arabia.\n\n \n\n\n### How RCSAndroid hacking tool infects a Target?\n\n \n\n\nRCSAndroid uses two different methods to infect targeted Android devices.\n\n \n\n\n**1\\. **[Hacking Team](<https://thehackernews.com/2015/07/flash-zero-day-vulnerability.html>) used text and email messages containing specially crafted URLs that triggered exploits for several vulnerabilities (CVE-2012-2825 and CVE-2012-2871) present in the default browsers of Android 4.0 Ice Cream to 4.3 Jelly Bean, allowing the attacker to gain root privileges, and install the RCSAndroid APK.\n\n \n\n\n**2\\. **The company used backdoor apps such as \"BeNews\" available on the official Google Play Store to take advantage of a local privilege escalation bug to root the device and install the RCSAndroid agent.\n\n \n\n\n### **RCSAndroid has**** 4 'critical components'**:\n\n * **Penetration solutions** \u2013 Methods to get into the device, either via SMS or email or a legitimate app\n * **Low-level native code** \u2013 Advanced exploits and spy tools beyond Android's security framework\n * **High-level Java agent** \u2013 The application's malicious APK\n * **Command-and-control (C&C) servers **\u2013 Servers used to remotely send or receive malicious commands\n \n\n\nGiven that the source code of RCSAndroid is now available to everybody, it will likely put Android users in danger. So, if you own a smartphone running any **_Android version from 4.0 Ice Cream to 4.3 Jelly Bean_**, you need to** 'Get Rid of it Today**.'\n\n> _\"The leaked RCSAndroid code is a commercial weapon now in the wild,\" _security researchers wrote in a blog post. _\"Mobile users are called on to be on top of this news and be on guard for signs of monitoring. Some indicators may come in the form of peculiar behavior such as unexpected rebooting, finding unfamiliar apps installed, or instant messaging apps suddenly freezing.\"_\n\nUsers of **[Android 5.0 Lollipop](<https://thehackernews.com/2014/10/7-things-about-android-lollipop-50-you_18.html>)** may also be in danger of being targeted, as some emails sent among Hacking Team executives indicates that \"Hacking Team was in the process of developing exploits for Android 5.0 Lollipop,\" but so far there is no such indication.\n", "reporter": "Swati Khandelwal", "published": "2015-07-24T02:52:00", "type": "thn", "title": "RCSAndroid \u2014 Advanced Android Hacking Tool Leaked Online", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "info", "cvelist": ["CVE-2012-2871", "CVE-2012-2825"], "_object_type": "robots.models.thn.ThnBulletin", "modified": "2015-07-24T13:52:43", "id": "THN:94494D23203FCCEB0318F9EF729CCE70", "href": "https://thehackernews.com/2015/07/android-hacking-tool.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-06-06T18:05:14", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "src", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc64", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc64", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ppc64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390x", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390x", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390x", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "s390x", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ia64", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.6.26-2.1.15.el5_8.5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "i386", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "x86_64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ia64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.26-2.1.15.el5_8.5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ia64", "packageName": "libxml2", "packageFilename": "libxml2-2.6.26-2.1.15.el5_8.5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.26-2.1.15.el5_8.5", "arch": "ia64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.26-2.1.15.el5_8.5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "src", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "i686", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "x86_64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc64", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc64", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc64", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc64", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "ppc64", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390x", "packageName": "libxml2-debuginfo", "packageFilename": "libxml2-debuginfo-2.7.6-8.el6_3.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390x", "packageName": "libxml2-static", "packageFilename": "libxml2-static-2.7.6-8.el6_3.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390x", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-8.el6_3.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390x", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-8.el6_3.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.7.6-8.el6_3.3", "arch": "s390x", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-8.el6_3.3.s390x.rpm", "operator": "lt"}], "description": "The libxml2 library is a development toolbox providing the implementation\nof various XML standards.\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows,\nwere found in the way libxml2 handled documents that enable entity\nexpansion. A remote attacker could provide a large, specially-crafted XML\nfile that, when opened in an application linked against libxml2, would\ncause the application to crash or, potentially, execute arbitrary code with\nthe privileges of the user running the application. (CVE-2012-2807)\n\nA one byte buffer overflow was found in the way libxml2 evaluated certain\nparts of XML Pointer Language (XPointer) expressions. A remote attacker\ncould provide a specially-crafted XML file that, when opened in an\napplication linked against libxml2, would cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2011-3102)\n\nAll users of libxml2 are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The desktop must\nbe restarted (log out, then log back in) for this update to take effect.\n", "reporter": "RedHat", "published": "2012-09-18T04:00:00", "type": "redhat", "title": "(RHSA-2012:1288) Moderate: libxml2 security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102", "CVE-2012-2807"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:26", "id": "RHSA-2012:1288", "href": "https://access.redhat.com/errata/RHSA-2012:1288", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-06-12T21:09:53", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "i386", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "x86_64", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "src", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "i386", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "i386", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "x86_64", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "x86_64", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc64", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc64", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ppc64", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390x", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390x", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390x", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "s390x", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ia64", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.17-4.el5_8.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "i386", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "x86_64", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ia64", "packageName": "libxslt", "packageFilename": "libxslt-1.1.17-4.el5_8.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ia64", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.17-4.el5_8.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.1.17-4.el5_8.3", "arch": "ia64", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.17-4.el5_8.3.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "i686", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "src", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "x86_64", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "i686", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "i686", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "x86_64", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "x86_64", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "i686", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "x86_64", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc64", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc64", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc64", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "ppc64", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390x", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390", "packageName": "libxslt-debuginfo", "packageFilename": "libxslt-debuginfo-1.1.26-2.el6_3.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390x", "packageName": "libxslt-python", "packageFilename": "libxslt-python-1.1.26-2.el6_3.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390x", "packageName": "libxslt", "packageFilename": "libxslt-1.1.26-2.el6_3.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.1.26-2.el6_3.1", "arch": "s390x", "packageName": "libxslt-devel", "packageFilename": "libxslt-devel-1.1.26-2.el6_3.1.s390x.rpm", "operator": "lt"}], "description": "libxslt is a library for transforming XML files into other textual formats\n(including HTML, plain text, and other XML representations of the\nunderlying data) using the standard XSLT stylesheet transformation\nmechanism.\n\nA heap-based buffer overflow flaw was found in the way libxslt applied\ntemplates to nodes selected by certain namespaces. An attacker could use\nthis flaw to create a malicious XSL file that, when used by an application\nlinked against libxslt to perform an XSL transformation, could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2012-2871)\n\nSeveral denial of service flaws were found in libxslt. An attacker could\nuse these flaws to create a malicious XSL file that, when used by an\napplication linked against libxslt to perform an XSL transformation, could\ncause the application to crash. (CVE-2012-2825, CVE-2012-2870,\nCVE-2011-3970)\n\nAn information leak could occur if an application using libxslt processed\nan untrusted XPath expression, or used a malicious XSL file to perform an\nXSL transformation. If combined with other flaws, this leak could possibly\nhelp an attacker bypass intended memory corruption protections.\n(CVE-2011-1202)\n\nAll libxslt users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues. All running\napplications linked against libxslt must be restarted for this update to\ntake effect.\n", "reporter": "RedHat", "published": "2012-09-13T04:00:00", "type": "redhat", "title": "(RHSA-2012:1265) Important: libxslt security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3970", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871", "CVE-2012-2893"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:08", "id": "RHSA-2012:1265", "href": "https://access.redhat.com/errata/RHSA-2012:1265", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-05-25T03:52:07", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.8-20120919.0.el5_8", "arch": "noarch", "packageName": "rhev-hypervisor5", "packageFilename": "rhev-hypervisor5-5.8-20120919.0.el5_8.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "5.8-20120919.0.el5_8", "arch": "noarch", "packageName": "rhev-hypervisor5-tools", "packageFilename": "rhev-hypervisor5-tools-5.8-20120919.0.el5_8.noarch.rpm", "operator": "lt"}], "description": "The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way socket buffers (skb) requiring TSO (TCP segment\noffloading) were handled by the sfc driver. If the skb did not fit within\nthe minimum-size of the transmission queue, the network card could\nrepeatedly reset itself. A remote attacker could use this flaw to cause a\ndenial of service. (CVE-2012-3412)\n\nRed Hat would like to thank Ben Hutchings of Solarflare (tm) for reporting\nthis issue.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-4244 (bind issue)\n\nCVE-2012-2319, CVE-2012-3430, and CVE-2012-3510 (kernel issues)\n\nCVE-2011-3102, CVE-2012-0841, and CVE-2012-2807 (libxml2 issues)\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "reporter": "RedHat", "published": "2012-10-02T04:00:00", "type": "redhat", "title": "(RHSA-2012:1324) Important: rhev-hypervisor5 security and bug fix update", "enchantments": {"score": {"modified": "2018-05-25T03:52:07", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102", "CVE-2012-0841", "CVE-2012-2319", "CVE-2012-2807", "CVE-2012-3412", "CVE-2012-3430", "CVE-2012-3510", "CVE-2012-4244"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-25T06:35:58", "id": "RHSA-2012:1324", "href": "https://access.redhat.com/errata/RHSA-2012:1324", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-06-13T00:00:54", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.3-20120926.0.el6_3", "arch": "noarch", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.3-20120926.0.el6_3.noarch.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "6.3-20120926.0.el6_3", "arch": "src", "packageName": "rhev-hypervisor6", "packageFilename": "rhev-hypervisor6-6.3-20120926.0.el6_3.src.rpm", "operator": "lt"}], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way QEMU handled VT100 terminal escape sequences\nwhen emulating certain character devices. A guest user with privileges to\nwrite to a character device that is emulated on the host using a virtual\nconsole back-end could use this flaw to crash the qemu-kvm process on the\nhost or, possibly, escalate their privileges on the host. (CVE-2012-3515)\n\nThis flaw did not affect the default use of Red Hat Enterprise\nVirtualization Hypervisor: it is not possible to add a device that uses a\nvirtual console back-end via Red Hat Enterprise Virtualization Manager.\n\nTo specify a virtual console back-end for a device and therefore be\nvulnerable to this issue, the device would have to be created another way,\nfor example, by using a VDSM hook. Note that at this time hooks can only be\nused on Red Hat Enterprise Linux hosts, not Red Hat Enterprise\nVirtualization Hypervisor.\n\nMultiple integer overflow flaws, leading to stack-based buffer overflows,\nwere found in glibc's functions for converting a string to a numeric\nrepresentation (strtod(), strtof(), and strtold()). If an application used\nsuch a function on attacker controlled input, it could cause the\napplication to crash or, potentially, execute arbitrary code.\n(CVE-2012-3480)\n\nRed Hat would like to thank the Xen project for reporting the CVE-2012-3515\nissue.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2012-4244 (bind issue)\n\nCVE-2012-3524 (dbus issue)\n\nCVE-2012-2313, CVE-2012-2384, CVE-2012-2390, CVE-2012-3430, and\nCVE-2012-3552 (kernel issues)\n\nCVE-2012-3445 (libvirt issue)\n\nCVE-2011-3102 and CVE-2012-2807 (libxml2 issues)\n\nCVE-2011-1202, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871,\nand CVE-2012-2893 (libxslt issues)\n\nThis updated Red Hat Enterprise Virtualization Hypervisor package also\nfixes the following bug:\n\n* Previously, the Manager listed all installed Hypervisor ISO images as\navailable even when they did not support the VDSM compatibility version\nrequired by the selected host. The rhev-hypervisor6 package now maintains a\ntext file for each installed ISO image. The file lists the VDSM\ncompatibility versions supported by the relevant ISO image. The Manager\nuses this information to ensure that only those Hypervisor ISO images that\nare relevant to the selected host are listed. (BZ#856827)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "reporter": "RedHat", "published": "2012-10-02T04:00:00", "type": "redhat", "title": "(RHSA-2012:1325) Important: rhev-hypervisor6 security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2011-3102", "CVE-2011-3970", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2390", "CVE-2012-2807", "CVE-2012-2825", "CVE-2012-2870", "CVE-2012-2871", "CVE-2012-2893", "CVE-2012-3430", "CVE-2012-3445", "CVE-2012-3480", "CVE-2012-3515", "CVE-2012-3524", "CVE-2012-3552", "CVE-2012-4244"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:59:44", "id": "RHSA-2012:1325", "href": "https://access.redhat.com/errata/RHSA-2012:1325", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:18:27", "references": ["http://download.novell.com/patch/finder/?keywords=aeb05c467f847178dc94b70e3bc77cc8", "https://bugzilla.novell.com/829077"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.6.23-15.39.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.39.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.39.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.39.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.39.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.6.23-15.39.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.39.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.39.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.39.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.39.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.6.23-15.39.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.6.23-15.39.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.4", "packageVersion": "2.6.23-15.39.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.39.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "libxml2 has been updated to fix the following security\n issue:\n\n * CVE-2013-0338: libxml2 allowed context-dependent\n attackers to cause a denial of service (CPU and memory\n consumption) via an XML file containing an entity\n declaration with long replacement text and many references\n to this entity, aka "internal entity expansion" with linear\n complexity.\n", "edition": 1, "reporter": "Suse", "published": "2013-11-04T18:04:12", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "suse", "title": "Security update for libxml2 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0339", "CVE-2013-0338", "CVE-2012-5134", "CVE-2011-3919", "CVE-2013-2877", "CVE-2011-3102", "CVE-2012-0841", "CVE-2012-2807"], "modified": "2013-11-04T18:04:12", "id": "SUSE-SU-2013:1627-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:21:38", "references": ["http://download.novell.com/patch/finder/?keywords=a3fdb1e2e30b1877238605841d41d573", "https://bugzilla.novell.com/769184", "https://bugzilla.novell.com/829077", "https://bugzilla.novell.com/805233", "https://bugzilla.novell.com/748561", "https://bugzilla.novell.com/793334", "https://bugzilla.novell.com/739894", "https://bugzilla.novell.com/764538"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-2.6.23-15.39.1.s390x.rpm", "packageName": "libxml2", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-devel-2.6.23-15.39.1.i586.rpm", "packageName": "libxml2-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-python-2.6.23-15.39.1.i586.rpm", "packageName": "libxml2-python", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-devel-32bit-2.6.23-15.39.1.s390x.rpm", "packageName": "libxml2-devel-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-python-2.6.23-15.39.1.s390x.rpm", "packageName": "libxml2-python", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-2.6.23-15.39.1.i586.rpm", "packageName": "libxml2", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-devel-2.6.23-15.39.1.s390x.rpm", "packageName": "libxml2-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-python-2.6.23-15.39.1.x86_64.rpm", "packageName": "libxml2-python", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-32bit-2.6.23-15.39.1.x86_64.rpm", "packageName": "libxml2-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-32bit-2.6.23-15.39.1.s390x.rpm", "packageName": "libxml2-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-devel-32bit-2.6.23-15.39.1.x86_64.rpm", "packageName": "libxml2-devel-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-2.6.23-15.39.1.x86_64.rpm", "packageName": "libxml2", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "10.3", "packageVersion": "2.6.23-15.39.1", "packageFilename": "libxml2-devel-2.6.23-15.39.1.x86_64.rpm", "packageName": "libxml2-devel", "arch": "x86_64", "operator": "lt"}], "edition": 1, "description": "This is a LTSS rollup update for the libxml2 library that\n fixes various security issues.\n\n *\n\n CVE-2013-2877: parser.c in libxml2 allowed remote\n attackers to cause a denial of service (out-of-bounds read)\n via a document that ends abruptly, related to the lack of\n certain checks for the XML_PARSER_EOF state.\n\n *\n\n CVE-2013-0338: libxml2 allowed context-dependent\n attackers to cause a denial of service (CPU and memory\n consumption) via an XML file containing an entity\n declaration with long replacement text and many references\n to this entity, aka "internal entity expansion" with linear\n complexity.\n\n *\n\n CVE-2012-5134: Heap-based buffer underflow in the\n xmlParseAttValueComplex function in parser.c in libxml2\n allowed remote attackers to cause a denial of service or\n possibly execute arbitrary code via crafted entities in an\n XML document.\n\n *\n\n CVE-2012-2807: Multiple integer overflows in libxml2\n on 64-bit Linux platforms allowed remote attackers to cause\n a denial of service or possibly have unspecified other\n impact via unknown vectors.\n\n *\n\n CVE-2011-3102: Off-by-one error in libxml2 allowed\n remote attackers to cause a denial of service\n (out-of-bounds write) or possibly have unspecified other\n impact via unknown vectors.\n\n *\n\n CVE-2012-0841: libxml2 computed hash values without\n restricting the ability to trigger hash collisions\n predictably, which allows context-dependent attackers to\n cause a denial of service (CPU consumption) via crafted XML\n data.\n\n *\n\n CVE-2011-3919: A heap-based buffer overflow during\n decoding of entity references with overly long names has\n been fixed.\n", "reporter": "Suse", "published": "2013-11-04T17:04:12", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Security update for libxml2 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0339", "CVE-2013-0338", "CVE-2012-5134", "CVE-2011-3919", "CVE-2013-2877", "CVE-2011-3102", "CVE-2012-0841", "CVE-2012-2807"], "modified": "2013-11-04T17:04:12", "id": "SUSE-SU-2013:1625-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00000.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:27:55", "references": ["http://download.novell.com/patch/finder/?keywords=b31152ce7358e67eddba6c88cfe97cac", "http://download.novell.com/patch/finder/?keywords=109525a062f4923fd62bd1c1a3772bd8", "https://bugzilla.novell.com/793334"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-test", "packageFilename": "libxml2-test-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-64bit", "packageFilename": "libxml2-64bit-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-test", "packageFilename": "libxml2-test-2.6.23-15.35.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-test", "packageFilename": "libxml2-test-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-test", "packageFilename": "libxml2-test-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-x86", "packageFilename": "libxml2-x86-2.7.6-0.21.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel-64bit", "packageFilename": "libxml2-devel-64bit-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-test", "packageFilename": "libxml2-test-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.6.23-15.35.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-x86", "packageFilename": "libxml2-x86-2.6.23-15.35.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel-32bit", "packageFilename": "libxml2-devel-32bit-2.7.6-0.21.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-doc", "packageFilename": "libxml2-doc-2.7.6-0.21.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2", "packageFilename": "libxml2-2.7.6-0.21.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-devel", "packageFilename": "libxml2-devel-2.7.6-0.21.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.6.23-15.35.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-python", "packageFilename": "libxml2-python-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "2.6.23-15.35.1", "packageName": "libxml2", "packageFilename": "libxml2-2.6.23-15.35.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "2.7.6-0.21.1", "packageName": "libxml2-32bit", "packageFilename": "libxml2-32bit-2.7.6-0.21.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "A heap-based buffer underflow in the entity decoding of\n libxml2 could have caused a Denial of Service or\n potentially allowed the execution of arbitrary code. This\n has been fixed.\n", "edition": 1, "reporter": "Suse", "published": "2012-12-12T17:09:09", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Security update for libxml2 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5134"], "modified": "2012-12-12T17:09:09", "id": "SUSE-SU-2012:1636-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00010.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:37:04", "references": ["https://bugzilla.novell.com/793334"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "i586", "packageFilename": "libxml2-debuginfo-2.7.8+git20110708-3.15.1.i586.rpm", "packageName": "libxml2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-2-debuginfo-32bit-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-2-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-tools-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-debugsource-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-debugsource-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-2-debuginfo-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-tools-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "i586", "packageFilename": "libxml2-devel-2.7.8+git20110708-3.15.1.i586.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "i586", "packageFilename": "libxml2-debugsource-2.7.8+git20110708-3.15.1.i586.rpm", "packageName": "libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-devel-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "noarch", "packageFilename": "libxml2-doc-2.7.8+git20120223-8.9.1.noarch.rpm", "packageName": "libxml2-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-tools-debuginfo-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-tools-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "i586", "packageFilename": "libxml2-2.7.8+git20110708-3.15.1.i586.rpm", "packageName": "libxml2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "python-libxml2-debuginfo-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "python-libxml2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-2-32bit-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-2-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-2-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "python-libxml2-debugsource-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "python-libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-2-debuginfo-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "libxml2-2-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "libxml2-2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "ia64", "packageFilename": "libxml2-debuginfo-x86-2.7.8+git20110708-3.15.1.ia64.rpm", "packageName": "libxml2-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "python-libxml2-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "python-libxml2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "python-libxml2-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "python-libxml2", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-devel-32bit-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-devel-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "python-libxml2-debugsource-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "python-libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-devel-32bit-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-devel-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-32bit-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-debuginfo-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-devel-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "x86_64", "packageFilename": "libxml2-debuginfo-32bit-2.7.8+git20110708-3.15.1.x86_64.rpm", "packageName": "libxml2-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "noarch", "packageFilename": "libxml2-doc-2.7.8+git20110708-3.15.1.noarch.rpm", "packageName": "libxml2-doc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-tools-debuginfo-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-tools-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "x86_64", "packageFilename": "libxml2-debugsource-2.7.8+git20120223-8.9.1.x86_64.rpm", "packageName": "libxml2-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.7.8+git20120223-8.9.1", "arch": "i586", "packageFilename": "python-libxml2-debuginfo-2.7.8+git20120223-8.9.1.i586.rpm", "packageName": "python-libxml2-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.7.8+git20110708-3.15.1", "arch": "ia64", "packageFilename": "libxml2-x86-2.7.8+git20110708-3.15.1.ia64.rpm", "packageName": "libxml2-x86", "operator": "lt"}], "description": "A Heap-based buffer underflow in the\n xmlParseAttValueComplex function in parser.c in libxml2\n allowed remote attackers to cause a denial of service or\n possibly execute arbitrary code via crafted entities in an\n XML document.\n\n", "edition": 1, "reporter": "Suse", "published": "2012-12-17T12:08:33", "title": "libxml2: fixed buffer overflow during decoding entities (important)", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5134"], "modified": "2012-12-17T12:08:33", "id": "OPENSUSE-SU-2012:1647-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00014.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:08", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2012-2825", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-2871", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-2870", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-3970", "https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1202", "https://people.canonical.com/~ubuntu-security/cve/CVE-2012-2893"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1.1.26-1ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxslt1.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "1.1.26-7ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxslt1.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "1.1.26-8ubuntu1.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxslt1.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.1.22-1ubuntu1.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxslt1.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "1.1.26-6ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxslt1.1", "operator": "lt"}], "description": "Chris Evans discovered that libxslt incorrectly handled generate-id XPath functions. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could obtain potentially sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\nIt was discovered that libxslt incorrectly parsed certain patterns. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. (CVE-2011-3970)\n\nNicholas Gregoire discovered that libxslt incorrectly handled unexpected DTD nodes. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. (CVE-2012-2825)\n\nNicholas Gregoire discovered that libxslt incorrectly managed memory. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service. (CVE-2012-2870)\n\nNicholas Gregoire discovered that libxslt incorrectly handled certain transforms. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service, or possibly execute arbitrary code. (CVE-2012-2871)\n\nCris Neckar discovered that libxslt incorrectly managed memory. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service, or possibly execute arbitrary code. (CVE-2012-2893)", "edition": 3, "reporter": "Ubuntu", "published": "2012-10-04T00:00:00", "title": "libxslt vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2012-10-04T00:00:00", "id": "USN-1595-1", "href": "https://usn.ubuntu.com/1595-1/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:26", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2011-3102"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.7.6.dfsg-1ubuntu1.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxml2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.04", "packageVersion": "2.7.8.dfsg-2ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxml2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.6.31.dfsg-2ubuntu1.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxml2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "2.7.8.dfsg-4ubuntu0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxml2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "2.7.8.dfsg-5.1ubuntu4.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxml2", "operator": "lt"}], "description": "Juri Aedla discovered that libxml2 contained an off by one error in its XPointer functionality. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2012-05-21T00:00:00", "title": "libxml2 vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102"], "modified": "2012-05-21T00:00:00", "id": "USN-1447-1", "href": "https://usn.ubuntu.com/1447-1/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2016-09-02T18:32:34", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "1.1.26-6+squeeze2", "packageFilename": "libxslt_1.1.26-6+squeeze2_all.deb", "packageName": "libxslt", "arch": "all", "operator": "lt"}], "description": "Nicholas Gregoire and Cris Neckar discovered several memory handling bugs in libxslt, which could lead to denial of service or the execution of arbitrary code if a malformed document is processed.\n\nFor the stable distribution (squeeze), these problems have been fixed in version 1.1.26-6+squeeze2.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.1.26-14.\n\nWe recommend that you upgrade your libxslt packages.", "edition": 1, "reporter": "Debian", "published": "2012-10-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "debian", "title": "libxslt -- several vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2870"], "modified": "2012-10-05T00:00:00", "id": "DSA-2555", "href": "http://www.debian.org/security/dsa-2555", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:27:53", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "2.7.8.dfsg-2+squeeze4", "packageFilename": "libxml2_2.7.8.dfsg-2+squeeze4_all.deb", "packageName": "libxml2", "arch": "all", "operator": "lt"}], "edition": 1, "description": "Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.\n\nFor the stable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze4.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.7.8.dfsg-9.1.\n\nWe recommend that you upgrade your libxml2 packages.", "reporter": "Debian", "published": "2012-05-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "libxml2 -- off-by-one", "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3102"], "modified": "2012-05-23T00:00:00", "href": "http://www.debian.org/security/dsa-2479", "id": "DSA-2479", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:36:13", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "6", "packageVersion": "2.7.8.dfsg-2+squeeze6", "packageFilename": "libxml2_2.7.8.dfsg-2+squeeze6_all.deb", "arch": "all", "packageName": "libxml2", "operator": "lt"}], "edition": 1, "description": "Jueri Aedla discovered a buffer overflow in the libxml XML library, which could result in the execution of arbitrary code.\n\nFor the stable distribution (squeeze), this problem has been fixed in version 2.7.8.dfsg-2+squeeze6.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.8.0+dfsg1-7.\n\nWe recommend that you upgrade your libxml2 packages.", "reporter": "Debian", "published": "2012-12-02T00:00:00", "type": "debian", "title": "libxml2 -- buffer overflow", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2012-5134"], "modified": "2012-12-02T00:00:00", "id": "DSA-2580", "href": "http://www.debian.org/security/dsa-2580", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2016-09-04T20:47:28", "references": ["https://threatpost.com/apple-patches-trident-vulnerabilities-in-os-x-safari/120336/", "https://threatpost.com/ios-9-3-4-patches-critical-code-execution-flaw/119710/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2391", "http://threatpost.com/new-ios-61-flaw-allows-access-iphones-contacts-photos-021413/77533", "http://threatpost.com/apple-to-fix-fake-usb-charger-flaw-in-ios-7/101554", "http://prod.lists.apple.com/archives/security-announce/2013/Sep/msg00006.html", "https://threatpost.com/putting-apple-bug-bounty-rewards-in-perspective/119794/"], "edition": 1, "description": "We are one day in and Apple\u2019s sleek new mobile operating system, iOS 7, has been dissected to death \u2013 the colors, the similarities to Android\u2019s OS, the amount of time it took some users to download the update from Apple\u2019s servers. Those talking points aside, the update also brought a slew of bug fixes, 80 in total, to devices that should appease Apple users with security concerns.\n\nThe update fixes a handful of issues, most which could lead to a denial of service attack or trigger unexpected application termination or arbitrary code execution on devices like an iPad, iPod Touch or iPhone running an out of date OS.\n\n### Related Posts\n\n#### [Apple Patches Trident Vulnerabilities in OS X, Safari](<https://threatpost.com/apple-patches-trident-vulnerabilities-in-os-x-safari/120336/> \"Permalink to Apple Patches Trident Vulnerabilities in OS X, Safari\" )\n\nSeptember 2, 2016 , 10:00 am\n\n#### [Putting Apple Bug Bounty Rewards in Perspective](<https://threatpost.com/putting-apple-bug-bounty-rewards-in-perspective/119794/> \"Permalink to Putting Apple Bug Bounty Rewards in Perspective\" )\n\nAugust 10, 2016 , 11:00 am\n\n#### [iOS 9.3.4 Patches Critical Code Execution Flaw](<https://threatpost.com/ios-9-3-4-patches-critical-code-execution-flaw/119710/> \"Permalink to iOS 9.3.4 Patches Critical Code Execution Flaw\" )\n\nAugust 8, 2016 , 9:00 am\n\nSome of the bigger flaws addressed involve two fixes for passcode bypass flaws, one (CVE-2013-0957) that could\u2019ve allowed an attacker to break an app in the third-party sandbox and determine the user\u2019s passcode and a second (CVE-2013-5147) [that exploited the way the iPhone handled calls](<http://threatpost.com/new-ios-61-flaw-allows-access-iphones-contacts-photos-021413/77533>) to bypass the screen lock in iOS 6.1.\n\nAnother similar data privacy bug could have allowed an attacker to intercept user credentials by compromising a TrustWave certificate (CVE-2012-5134). TrustWave issued and subsequently revoked the faulty sub-CA certificate.\n\nFour Safari bugs were also addressed in yesterday\u2019s update, including a problem where the browser\u2019s history was still visible even after it was cleared and a problem stemming from a memory corruption issue in the way it handled XML files and a cross-site scripting flaw on sites that allow users to upload files.\n\nThe oldest bug in the batch appears to be a kernel issue from 2011 discovered by Marc Heuse where-in an attacker could have sent specially crafted IPv6 packets to an iPhone 4 and caused a high CPU load. While the bug is known as [CVE-2011-2391](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2391>) in the Common Vulnerabilities and Exposures database, the CVE warns the attached date does not necessarily reflect when the vulnerability was discovered.\n\nSeveral vulnerabilities from 2012 are also addressed in the update, all involve fixing arbitrary code execution bugs in the libxml and libxslt libraries.\n\nWhile not discussed in the update notes, iOS 7 also fixes a previously disclosed [\u201cUSB charger\u201d bug](<http://threatpost.com/apple-to-fix-fake-usb-charger-flaw-in-ios-7/101554>) that surfaced in August that allowed hackers complete access to devices via a modded charger. Apple spokesman Tom Numayr confirmed last month that iOS 7 would give users the choice whether or not they want to trust the computer their device has been connected to.\n\nThose interested in the full rundown of security fixes can head to [Apple\u2019s Mailing Lists](<http://prod.lists.apple.com/archives/security-announce/2013/Sep/msg00006.html>) email, posted yesterday.", "reporter": "Chris Brook", "published": "2013-09-19T12:53:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "threatpost", "title": "Apple's iOS 7 Update Fixes 80 Security Bugs", "threatPostCategory": "Vulnerabilities", "bulletinFamily": "info", "cvelist": ["CVE-2012-5134", "CVE-2013-0957", "CVE-2013-5147", "CVE-2011-2391"], "modified": "2013-09-19T16:53:59", "href": "https://threatpost.com/apples-ios-7-update-fixes-80-security-bugs/102356/", "id": "APPLES-IOS-7-UPDATE-FIXES-80-SECURITY-BUGS/102356", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "zdi": [{"lastseen": "2016-11-09T00:18:02", "references": ["http://support.apple.com/kb/HT1222"], "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the way Webkit implements the string.replace() method. Due to insufficient boundary checks it is possible for specially crafted strings to cause an int wrap during the calculation of a buffer size. This could lead to a heap buffer overflow that could result in remote code execution under the context of the current user.", "edition": 2, "reporter": "pa_kt / twitter.com/pa_kt", "published": "2013-05-30T00:00:00", "title": "Webkit.org Webkit string.replace Remote Code Execution Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2013-0999"], "modified": "2013-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-13-109", "id": "ZDI-13-109", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:18:11", "references": ["http://support.apple.com/kb/HT1222"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the way Webkit implements string.concat(). When concatenating multiple strings the function fails to properly check for overflows and as such is vulnerable to heap corruption. This could result in remote code execution under the context of the current program.", "reporter": "pa_kt / twitter.com/pa_kt", "published": "2013-05-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "Webkit.org Webkit string.concat() Remote Code Execution Vulnerability", "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2013-0998"], "modified": "2013-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-13-108", "id": "ZDI-13-108", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:47", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=476438", "https://bugs.gentoo.org/show_bug.cgi?id=466238", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2877", "https://bugs.gentoo.org/show_bug.cgi?id=458740", "https://bugs.gentoo.org/show_bug.cgi?id=434344", "https://bugs.gentoo.org/show_bug.cgi?id=458430", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1969", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0338", "https://bugs.gentoo.org/show_bug.cgi?id=444836", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5134", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1664", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2871"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.9.1-r1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-libs/libxml2", "operator": "lt"}], "edition": 1, "description": "### Background\n\nlibxml2 is the XML C parser and toolkit developed for the Gnome project.\n\n### Description\n\nMultiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted document with an application linked against libxml2, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libxml2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libxml2-2.9.1-r1\"", "reporter": "Gentoo Foundation", "published": "2013-11-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "libxml2: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2871", "CVE-2013-0338", "CVE-2012-5134", "CVE-2013-2877", "CVE-2013-1969", "CVE-2013-1664"], "modified": "2013-11-10T00:00:00", "id": "GLSA-201311-06", "href": "https://security.gentoo.org/glsa/201311-06", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
