pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
965bfc23c8
vuln-list-alt/oval/c9f2/ALT-PU-2014-2196/definitions.json
pepelyaevip 83c40c9d64 ALT Vulnerability
2024-07-06 03:04:52 +00:00

176 lines
7.7 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20142196",
"Version": "oval:org.altlinux.errata:def:20142196",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2014-2196: package `seamonkey` update to version 2.29.1-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2014-2196",
"RefURL": "https://errata.altlinux.org/ALT-PU-2014-2196",
"Source": "ALTPU"
},
{
"RefID": "BDU:2015-00241",
"RefURL": "https://bdu.fstec.ru/vul/2015-00241",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00450",
"RefURL": "https://bdu.fstec.ru/vul/2015-00450",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00466",
"RefURL": "https://bdu.fstec.ru/vul/2015-00466",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00677",
"RefURL": "https://bdu.fstec.ru/vul/2015-00677",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00709",
"RefURL": "https://bdu.fstec.ru/vul/2015-00709",
"Source": "BDU"
},
{
"RefID": "BDU:2015-10003",
"RefURL": "https://bdu.fstec.ru/vul/2015-10003",
"Source": "BDU"
},
{
"RefID": "CVE-2014-1568",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-1568",
"Source": "CVE"
}
],
"Description": "This update upgrades seamonkey to version 2.29.1-alt1. \nSecurity Fix(es):\n\n * BDU:2015-00241: Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00450: Уязвимость браузера Firefox, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00466: Уязвимость программного обеспечения Firefox ESR, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00677: Уязвимость программного обеспечения SeaMonkey, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00709: Уязвимость программного обеспечения Thunderbird, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-10003: Уязвимость программной платформы Oracle Fusion Middleware, позволяющая удаленному нарушителю подменить RSA-подпись\n\n * CVE-2014-1568: Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a \"signature malleability\" issue.\n\n * MFSA 2014-73: description unavailable",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2014-09-27"
},
"Updated": {
"Date": "2014-09-27"
},
"BDUs": [
{
"ID": "BDU:2015-00241",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00241",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00450",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00450",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00466",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00466",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00677",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00677",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00709",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00709",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-10003",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-10003",
"Impact": "High",
"Public": "20140920"
}
],
"CVEs": [
{
"ID": "CVE-2014-1568",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-1568",
"Impact": "High",
"Public": "20140925"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20142196001",
"Comment": "rpm-build-seamonkey is earlier than 1:2.29.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20142196002",
"Comment": "seamonkey is earlier than 1:2.29.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20142196003",
"Comment": "seamonkey-devel is earlier than 1:2.29.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20142196004",
"Comment": "seamonkey-lightning is earlier than 1:2.29.1-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink