Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-3970 (GCVE-0-2011-3970)
Vulnerability from cvelistv5 – Published: 2012-02-09 02:00 – Updated: 2024-08-06 23:53
VLAI?
EPSS
Summary
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2013:1654",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name": "SUSE-SU-2013:1656",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"name": "oval:org.mitre.oval:def:14818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "SUSE-SU-2013:1654",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name": "SUSE-SU-2013:1656",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"name": "oval:org.mitre.oval:def:14818",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2013:1654",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name": "SUSE-SU-2013:1656",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"name": "oval:org.mitre.oval:def:14818",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=110277",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-3970",
"datePublished": "2012-02-09T02:00:00.000Z",
"dateReserved": "2011-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:53:32.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTA-2013-AVI-088
Vulnerability from certfr_avis - Published: 2013-02-04 - Updated: 2013-02-04
De multiples vulnérabilités ont été corrigées dans VMware vSphere. Plusieurs composants tiers ont été corrigés comme libxml2, bind et xslt. La vulnérabilité la plus critique permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | N/A | VMware ESX versions antérieures à 4.1 mise à jour ESX410-201301401-SG | ||
| VMware | ESXi | VMware ESXi versions antérieures à 4.1 mise à jour ESXi410-201301401-SG | ||
| VMware | vCenter Server | VMware vCenter Server versions antérieures à 4.1 mise à jour 3a | ||
| VMware | N/A | VMware vCenter Client versions antérieures à 4.1 mise à jour 3a |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware ESX versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour ESX410-201301401-SG",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour ESXi410-201301401-SG",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware vCenter Server versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour 3a",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware vCenter Client versions ant\u00e9rieures \u00e0 4.1 mise \u00e0 jour 3a",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2013-1405",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1405"
},
{
"name": "CVE-2011-3102",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3102"
},
{
"name": "CVE-2012-2807",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
}
],
"initial_release_date": "2013-02-04T00:00:00",
"last_revision_date": "2013-02-04T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 31 janvier 2013",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"
}
],
"reference": "CERTA-2013-AVI-088",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-02-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eVMware vSphere\u003c/span\u003e. Plusieurs composants tiers ont \u00e9t\u00e9\ncorrig\u00e9s comme \u003cspan class=\"textit\"\u003elibxml2\u003c/span\u003e, \u003cspan\nclass=\"textit\"\u003ebind\u003c/span\u003e et \u003cspan class=\"textit\"\u003exslt\u003c/span\u003e. La\nvuln\u00e9rabilit\u00e9 la plus critique permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware vSphere",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 31 janvier 2013",
"url": null
}
]
}
CERTFR-2014-AVI-112
Vulnerability from certfr_avis - Published: 2014-03-10 - Updated: 2014-03-10
De multiples vulnérabilités ont été corrigées dans Oracle Solaris. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Solaris 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris 9",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2013-5718",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5718"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2013-4123",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4123"
},
{
"name": "CVE-2013-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5745"
},
{
"name": "CVE-2013-4231",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4231"
},
{
"name": "CVE-2006-4810",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4810"
},
{
"name": "CVE-2013-4164",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4164"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2013-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4408"
},
{
"name": "CVE-2014-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0397"
},
{
"name": "CVE-2013-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6462"
},
{
"name": "CVE-2013-1418",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1418"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2012-6150",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6150"
},
{
"name": "CVE-2013-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5717"
},
{
"name": "CVE-2013-6340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6340"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2013-6337",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6337"
},
{
"name": "CVE-2013-0900",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0900"
},
{
"name": "CVE-2013-6339",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6339"
},
{
"name": "CVE-2013-4363",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4363"
},
{
"name": "CVE-2013-5721",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5721"
},
{
"name": "CVE-2007-6750",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6750"
},
{
"name": "CVE-2008-0386",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-0386"
},
{
"name": "CVE-2012-4504",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4504"
},
{
"name": "CVE-2012-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2893"
},
{
"name": "CVE-2012-4505",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4505"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2013-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4287"
},
{
"name": "CVE-2009-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0179"
},
{
"name": "CVE-2013-6338",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6338"
},
{
"name": "CVE-2013-6336",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6336"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4124",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4124"
},
{
"name": "CVE-2013-7112",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7112"
},
{
"name": "CVE-2013-2561",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2561"
},
{
"name": "CVE-2014-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0591"
},
{
"name": "CVE-2013-5719",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5719"
},
{
"name": "CVE-2013-7114",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7114"
},
{
"name": "CVE-2013-1417",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1417"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2013-5722",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5722"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2012-0870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0870"
},
{
"name": "CVE-2013-5720",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5720"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
},
{
"name": "CVE-2013-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4475"
}
],
"initial_release_date": "2014-03-10T00:00:00",
"last_revision_date": "2014-03-10T00:00:00",
"links": [],
"reference": "CERTFR-2014-AVI-112",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Solaris\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nune ex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Solaris",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 25 f\u00e9vrier 2014",
"url": "http://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html"
}
]
}
CERTFR-2014-AVI-193
Vulnerability from certfr_avis - Published: 2014-04-17 - Updated: 2014-04-17
De multiples vulnérabilités ont été corrigées dans Xerox FreeFlow Print Server. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Xerox FreeFlow Print Server version 7",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Xerox FreeFlow Print Server version 8",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Xerox FreeFlow Print Server version 9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-0417",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0417"
},
{
"name": "CVE-2013-5910",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5910"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2014-0403",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0403"
},
{
"name": "CVE-2014-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0411"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2014-0424",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0424"
},
{
"name": "CVE-2014-0422",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0422"
},
{
"name": "CVE-2013-5884",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5884"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2013-5907",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5907"
},
{
"name": "CVE-2013-5898",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5898"
},
{
"name": "CVE-2014-0387",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0387"
},
{
"name": "CVE-2007-6750",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6750"
},
{
"name": "CVE-2012-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2893"
},
{
"name": "CVE-2014-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0423"
},
{
"name": "CVE-2013-5821",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5821"
},
{
"name": "CVE-2014-0410",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0410"
},
{
"name": "CVE-2013-5888",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5888"
},
{
"name": "CVE-2014-0376",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0376"
},
{
"name": "CVE-2013-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5889"
},
{
"name": "CVE-2014-0416",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0416"
},
{
"name": "CVE-2013-5899",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5899"
},
{
"name": "CVE-2013-4124",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4124"
},
{
"name": "CVE-2013-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5878"
},
{
"name": "CVE-2013-5906",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5906"
},
{
"name": "CVE-2014-0373",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0373"
},
{
"name": "CVE-2013-5905",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5905"
},
{
"name": "CVE-2014-0418",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0418"
},
{
"name": "CVE-2014-0415",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0415"
},
{
"name": "CVE-2014-0428",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0428"
},
{
"name": "CVE-2014-0375",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0375"
},
{
"name": "CVE-2014-0390",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0390"
},
{
"name": "CVE-2014-0368",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0368"
},
{
"name": "CVE-2013-5887",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5887"
},
{
"name": "CVE-2013-5872",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5872"
},
{
"name": "CVE-2013-5902",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5902"
},
{
"name": "CVE-2013-5896",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5896"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
},
{
"name": "CVE-2013-4475",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4475"
}
],
"initial_release_date": "2014-04-17T00:00:00",
"last_revision_date": "2014-04-17T00:00:00",
"links": [],
"reference": "CERTFR-2014-AVI-193",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-04-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eXerox FreeFlow Print Server\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Xerox FreeFlow Print Server",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Xerox XRX14-002 du 18 f\u00e9vrier 2014",
"url": "http://www.xerox.com/download/security/security-bulletin/10be6-4f72fbafb1868/cert_XRX14-002_v1.0.pdf"
}
]
}
CERTA-2014-AVI-008
Vulnerability from certfr_avis - Published: 2014-01-10 - Updated: 2014-01-10
De multiples vulnérabilités ont été corrigées dans Avaya Experience Portal. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Avaya Experience Portal versions antérieures à 7.0
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eAvaya Experience Portal versions ant\u00e9rieures \u00e0 7.0\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
},
{
"name": "CVE-2012-3511",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3511"
},
{
"name": "CVE-2012-4405",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4405"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2012-3400",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3400"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2012-2133",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2133"
},
{
"name": "CVE-2012-3488",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
},
{
"name": "CVE-2012-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1568"
},
{
"name": "CVE-2012-2893",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2893"
},
{
"name": "CVE-2012-3546",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3546"
},
{
"name": "CVE-2012-3489",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3489"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
}
],
"initial_release_date": "2014-01-10T00:00:00",
"last_revision_date": "2014-01-10T00:00:00",
"links": [],
"reference": "CERTA-2014-AVI-008",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAvaya Experience Portal\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Avaya Experience Portal",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-482 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100167760"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2013-041 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100169684"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-479 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100167733"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-448 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100167395"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-371 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100166061"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Avaya ASA-2012-444 du 08 janvier 2014",
"url": "https://downloads.avaya.com/css/P8/documents/100167374"
}
]
}
CERTA-2013-AVI-146
Vulnerability from certfr_avis - Published: 2013-02-22 - Updated: 2013-02-22
De multiples vulnérabilités ont été corrigées dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | N/A | VMware ESX version 4.0 | ||
| VMware | N/A | VMware ESX version 4.1 | ||
| VMware | vCenter Server | VMware vCenter Server version 5.1 | ||
| VMware | ESXi | VMware ESXi version 3.5 | ||
| VMware | ESXi | VMware ESXi version 5.0 | ||
| VMware | ESXi | VMware ESXi version 5.1 | ||
| VMware | N/A | VMware ESX version 3.5 | ||
| VMware | ESXi | VMware ESXi version 4.1 | ||
| VMware | ESXi | VMware ESXi version 4.0 | ||
| VMware | vCenter Server | VMware vCenter Server version 5.0 | ||
| VMware | N/A | VMware VirtualCenter version 4.0 | ||
| VMware | vCenter Server | VMware vCenter Server version 4.0 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware ESX version 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX version 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware vCenter Server version 5.1",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi version 3.5",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi version 5.0",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi version 5.1",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX version 3.5",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi version 4.1",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESXi version 4.0",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware vCenter Server version 5.0",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware VirtualCenter version 4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware vCenter Server version 4.0",
"product": {
"name": "vCenter Server",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4609"
},
{
"name": "CVE-2012-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4244"
},
{
"name": "CVE-2012-2110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
},
{
"name": "CVE-2009-5064",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5064"
},
{
"name": "CVE-2009-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5029"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2012-3404",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3404"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2013-1405",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1405"
},
{
"name": "CVE-2012-6324",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6324"
},
{
"name": "CVE-2011-3102",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3102"
},
{
"name": "CVE-2012-3406",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3406"
},
{
"name": "CVE-2010-0830",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0830"
},
{
"name": "CVE-2012-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0864"
},
{
"name": "CVE-2012-6326",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6326"
},
{
"name": "CVE-2013-1659",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1659"
},
{
"name": "CVE-2012-2807",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
},
{
"name": "CVE-2012-3405",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3405"
},
{
"name": "CVE-2012-3480",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3480"
},
{
"name": "CVE-2012-6325",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6325"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2011-1089",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
},
{
"name": "CVE-2012-2825",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2825"
}
],
"initial_release_date": "2013-02-22T00:00:00",
"last_revision_date": "2013-02-22T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 f\u00e9vrier 2013",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0018.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 f\u00e9vrier 2013",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 VMSA-2012-0018 VMSA-2013-0001 du 21 f\u00e9vrier 2013",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0003.html"
}
],
"reference": "CERTA-2013-AVI-146",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2013-02-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eVMware\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un contournement\nde la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0018 du 21 f\u00e9vrier 2013",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0003 du 21 f\u00e9vrier 2013",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2013-0001 du 21 f\u00e9vrier 2013",
"url": null
}
]
}
CERTA-2012-AVI-069
Vulnerability from certfr_avis - Published: 2012-02-09 - Updated: 2012-02-09
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été corrigées dans Google Chrome . Ces vulnérabilités peuvent être exploitées par une personne malintentionnée distante pour exécuter du code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Chrome versions antérieures à 17.0.963.46.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eGoogle Chrome versions ant\u00e9rieures \u00e0 17.0.963.46.\u003c/p\u003e",
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Google Chrome . Ces\nvuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par une personne malintentionn\u00e9e\ndistante pour ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3964",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3964"
},
{
"name": "CVE-2011-3953",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3953"
},
{
"name": "CVE-2011-3954",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3954"
},
{
"name": "CVE-2011-3972",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3972"
},
{
"name": "CVE-2011-3969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3969"
},
{
"name": "CVE-2011-3956",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3956"
},
{
"name": "CVE-2011-3963",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3963"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2011-3966",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3966"
},
{
"name": "CVE-2011-3968",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3968"
},
{
"name": "CVE-2011-3971",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3971"
},
{
"name": "CVE-2011-3958",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3958"
},
{
"name": "CVE-2011-3959",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3959"
},
{
"name": "CVE-2011-3967",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3967"
},
{
"name": "CVE-2011-3960",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3960"
},
{
"name": "CVE-2011-3965",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3965"
},
{
"name": "CVE-2011-3957",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3957"
},
{
"name": "CVE-2011-3961",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3961"
},
{
"name": "CVE-2011-3962",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3962"
},
{
"name": "CVE-2011-3955",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3955"
}
],
"initial_release_date": "2012-02-09T00:00:00",
"last_revision_date": "2012-02-09T00:00:00",
"links": [
{
"title": "Note de version Google Chrome 2012/02/stable-channel-update.html du 08 f\u00e9vrier 2012 :",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
}
],
"reference": "CERTA-2012-AVI-069",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Google Chrome. Elles\npermettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Notes de version Google Chrome du 08 f\u00e9vrier 2012",
"url": null
}
]
}
CERTFR-2023-AVI-0499
Vulnerability from certfr_avis - Published: 2023-06-30 - Updated: 2023-06-30
De multiples vulnérabilités ont été découvertes dans Tenable Nessus Network Monitor. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Tenable | Nessus Network Monitor | Nessus Network Monitor versions antérieures à 6.2.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus Network Monitor versions ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "Nessus Network Monitor",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2019-19317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19317"
},
{
"name": "CVE-2020-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24977"
},
{
"name": "CVE-2012-5134",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5134"
},
{
"name": "CVE-2016-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2016-9596",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9596"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2013-0338",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0338"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"name": "CVE-2019-19244",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19244"
},
{
"name": "CVE-2017-9047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
},
{
"name": "CVE-2017-1000381",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000381"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2023-31124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31124"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-23395",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23395"
},
{
"name": "CVE-2022-4904",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4904"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2017-1000061",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000061"
},
{
"name": "CVE-2017-9048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9048"
},
{
"name": "CVE-2019-19926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19926"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2019-9936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9936"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2020-35525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35525"
},
{
"name": "CVE-2017-9050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9050"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2017-15412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2013-1969",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1969"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2010-4494",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"name": "CVE-2015-9019",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2015-8241",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8241"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2011-3970",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3970"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2012-2871",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2871"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2011-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2019-19925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19925"
},
{
"name": "CVE-2019-11068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2019-19924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19924"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2013-0339",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0339"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"name": "CVE-2019-13117",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13117"
},
{
"name": "CVE-2019-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20218"
},
{
"name": "CVE-2023-31147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31147"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2015-7499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2017-5130",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5130"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2015-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2015-5312",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2019-19242",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19242"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"name": "CVE-2016-2073",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2073"
},
{
"name": "CVE-2015-7497",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7497"
},
{
"name": "CVE-2015-7941",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7941"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
},
{
"name": "CVE-2015-8710",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8710"
},
{
"name": "CVE-2019-19880",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19880"
},
{
"name": "CVE-2015-7498",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7498"
},
{
"name": "CVE-2015-8317",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8317"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2021-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3672"
},
{
"name": "CVE-2015-8242",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2016-9598",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9598"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2019-13118",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13118"
},
{
"name": "CVE-2016-4607",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2016-3709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3709"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2012-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2016-9597",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9597"
},
{
"name": "CVE-2015-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8806"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-5180",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
},
{
"name": "CVE-2013-2877",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2877"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2021-30560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2014-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
},
{
"name": "CVE-2017-9049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9049"
},
{
"name": "CVE-2019-19923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19923"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9937"
},
{
"name": "CVE-2019-5815",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5815"
},
{
"name": "CVE-2019-19959",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19959"
},
{
"name": "CVE-2019-19603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19603"
},
{
"name": "CVE-2011-1202",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1202"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2017-8872",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8872"
},
{
"name": "CVE-2020-35527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35527"
},
{
"name": "CVE-2016-1683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2017-5969",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5969"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2016-4483",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4483"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2013-4520",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4520"
}
],
"initial_release_date": "2023-06-30T00:00:00",
"last_revision_date": "2023-06-30T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0499",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus\nNetwork Monitor. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus Network Monitor",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2023-23 du 29 juin 2023",
"url": "https://www.tenable.com/security/tns-2023-23"
}
]
}
GHSA-PMQR-V7CP-5XFX
Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16
VLAI?
Details
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2011-3970"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-02-09T04:10:00Z",
"severity": "MODERATE"
},
"details": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.",
"id": "GHSA-pmqr-v7cp-5xfx",
"modified": "2022-05-13T01:16:25Z",
"published": "2022-05-13T01:16:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3970"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"type": "WEB",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"type": "WEB",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2011-3970
Vulnerability from fkie_nvd - Published: 2012-02-09 04:10 - Updated: 2025-04-11 00:51
Severity ?
Summary
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3785615-314D-46D8-8894-3554935C569A",
"versionEndExcluding": "17.0.963.46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9251F19D-BEA4-4ED4-9A4B-EA89E795C6D0",
"versionEndIncluding": "1.1.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "00720D8C-3FF3-4B1C-B74B-91F01A544399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F084E6C1-8DB0-4D1F-B8EB-5D2CD9AD6E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
"matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
},
{
"lang": "es",
"value": "libxslt, tal y como se utiliza en Google Chrome antes de v17.0.963.46, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-3970",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-02-09T04:10:29.177",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2011-3970
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-3970",
"description": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.",
"id": "GSD-2011-3970",
"references": [
"https://www.suse.com/security/cve/CVE-2011-3970.html",
"https://access.redhat.com/errata/RHSA-2012:1265",
"https://alas.aws.amazon.com/cve/html/CVE-2011-3970.html",
"https://linux.oracle.com/cve/CVE-2011-3970.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-3970"
],
"details": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.",
"id": "GSD-2011-3970",
"modified": "2023-12-13T01:19:10.145993Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2013:1654",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name": "SUSE-SU-2013:1656",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"name": "oval:org.mitre.oval:def:14818",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=110277",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.0.963.46",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.26",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-3970"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/chromium/issues/detail?id=110277",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=110277"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html"
},
{
"name": "SUSE-SU-2013:1656",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131656-1.html"
},
{
"name": "SUSE-SU-2013:1654",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/update/announcement/2013/suse-su-20131654-1.html"
},
{
"name": "oval:org.mitre.oval:def:14818",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14818"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2020-09-09T15:15Z",
"publishedDate": "2012-02-09T04:10Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…