2722 lines
151 KiB
JSON
2722 lines
151 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20171578",
|
||
"Version": "oval:org.altlinux.errata:def:20171578",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2017-1578: package `firefox-esr` update to version 52.1.1-alt1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch p11"
|
||
],
|
||
"Products": [
|
||
"ALT Container"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2017-1578",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-1578",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01470",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01470",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01546",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01546",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01547",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01547",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01548",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01548",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01549",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01549",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01550",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01550",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01551",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01551",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01553",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01553",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01909",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01909",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01911",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01911",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01912",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01912",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01913",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01913",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01914",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01914",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01915",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01915",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01916",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01916",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01917",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01917",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01918",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01918",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01919",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01919",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01920",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01920",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01921",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01921",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01922",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01922",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01923",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01923",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2016-01924",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2016-01924",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05740",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05740",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05742",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05742",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05745",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05745",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05746",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05746",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05793",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05793",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05801",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05801",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05834",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05834",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05843",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05843",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05846",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05846",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2020-05847",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2020-05847",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00038",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00038",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00043",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00043",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-00047",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-00047",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-04041",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-04041",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-04047",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-04047",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2021-04197",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2021-04197",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-0718",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-0718",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-10196",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-10196",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2815",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2815",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2818",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2819",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2819",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2821",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2821",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2822",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2822",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2825",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2825",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2827",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2827",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2828",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2828",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2829",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2829",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2830",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2830",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2831",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2831",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2832",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2832",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2833",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2833",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2834",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2834",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2835",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2835",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2836",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2836",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2837",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2837",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-2838",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-2838",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5250",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5250",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5251",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5251",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5252",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5252",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5253",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5253",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5254",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5254",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5255",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5255",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5256",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5256",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5257",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5257",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5258",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5258",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5259",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5259",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5260",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5260",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5261",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5261",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5262",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5262",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5263",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5263",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5264",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5264",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5265",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5265",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5266",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5266",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5268",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5268",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5270",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5270",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5271",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5271",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5272",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5272",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5273",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5273",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5274",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5274",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5275",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5275",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5276",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5276",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5277",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5277",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5278",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5278",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5279",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5279",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5280",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5280",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5281",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5281",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5282",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5282",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5283",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5283",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5284",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5284",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5287",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5287",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5288",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5288",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5289",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5289",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5290",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5290",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5291",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5291",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5292",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5292",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5296",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5296",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-5297",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5297",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9063",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9063",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9064",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9064",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9066",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9066",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9067",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9067",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9068",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9068",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9069",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9069",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9070",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9070",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9071",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9071",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9073",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9073",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9074",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9074",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9075",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9075",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9076",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9076",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9077",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9077",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9080",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9080",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9893",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9893",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9894",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9894",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9895",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9895",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9896",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9896",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9897",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9897",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9898",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9898",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9900",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9900",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9901",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9901",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9902",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9902",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9903",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9903",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2016-9904",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9904",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5031",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5031",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5373",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5374",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5374",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5375",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5376",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5377",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5377",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5378",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5379",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5379",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5380",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5381",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5381",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5382",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5382",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5383",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5384",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5384",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5385",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5385",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5386",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5386",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5387",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5387",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5388",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5388",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5389",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5389",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5390",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5391",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5391",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5393",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5393",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5396",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5397",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5397",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5398",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5399",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5400",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5401",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5402",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5403",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5404",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5405",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5406",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5407",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5408",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5409",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5409",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5410",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5411",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5411",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5412",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5413",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5414",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5415",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5416",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5417",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5418",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5419",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5420",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5421",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5422",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5425",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5425",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5426",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5427",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5428",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5428",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5429",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5429",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5430",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5430",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5435",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5435",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5439",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5439",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5440",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5440",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5444",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5444",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5446",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5446",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5451",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5451",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5454",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5454",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5455",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5455",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5456",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5456",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5464",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5464",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5466",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5466",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-5467",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5467",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades firefox-esr to version 52.1.1-alt1. \nSecurity Fix(es):\n\n * BDU:2016-01470: Уязвимость библиотеки парсинга Expat, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-01546: Уязвимость набора библиотек Network Security Services и браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие\n\n * BDU:2016-01547: Уязвимость браузера Firefox, позволяющая нарушителю провести XSS-атаки\n\n * BDU:2016-01548: Уязвимость браузера Firefox, позволяющая нарушителю получить доступ к полному списку отключенных плагинов\n\n * BDU:2016-01549: Уязвимость браузеров Firefox ESR и Firefox, позволяющая нарушителю вызвать отказ в обслуживании, провести кликджекинг или спуфинг-атаку\n\n * BDU:2016-01550: Уязвимость браузера Firefox, позволяющая нарушителю повлиять на целостность информации\n\n * BDU:2016-01551: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01553: Уязвимость браузера Firefox, позволяющая нарушителю обойти существующую политику ограничения доступа и изменить свойство location.host\n\n * BDU:2016-01909: Уязвимость браузера Firefox, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2016-01911: Уязвимость браузера Firefox, позволяющая нарушителю получить доступ к локальным файлам\n\n * BDU:2016-01912: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти существующую политику ограничения доступа или читать произвольные файлы\n\n * BDU:2016-01913: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-01914: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01915: Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-01916: Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-01917: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01918: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01919: Уязвимость браузера Firefox, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01920: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-01921: Уязвимость браузера Firefox, позволяющая нарушителю изменять произвольные файлы\n\n * BDU:2016-01922: Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2016-01923: Уязвимость браузера Firefox, позволяющая нарушителю подменить адресную строку\n\n * BDU:2016-01924: Уязвимость браузера Firefox, позволяющая нарушителю получить информацию о последних посещенных страницах\n\n * BDU:2020-05740: Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-05742: Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c использованием памяти после освобождения при обработке транзакций в редакторе, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05745: Уязвимость функции nsTArray Length() браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05746: Уязвимость функции txExecutionState браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05793: Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-05801: Уязвимость функции evutil_parse_sockaddr_port (evutil.c) библиотеки асинхронного уведомления событий Libevent, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05834: Уязвимость реализации метода nsDirIndexParser::ParseData (netwerk\\streamconv\\converters\\nsDirIndexParser.cpp) браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к защищаемой информации\n\n * BDU:2020-05843: Уязвимость реализации технологии HTTP/2 браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05846: Уязвимость механизма подмены адресной строки через взаимодействие пользователя с адресной строкой и событием «onblur» браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю проводить спуфинг-атаки\n\n * BDU:2020-05847: Уязвимость функции PFileSystemRequestConstructor браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c обходом защиты доступа к файловой системе в песочнице, позволяющая нарушителю получить доступ к защищаемой информации\n\n * BDU:2021-00038: Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c непринятием мер по защите структуры веб-страницы, позволяющая нарушителю нарушителю проводить межсайтовые сценарные атаки\n\n * BDU:2021-00043: Уязвимость графической библиотеки Skia браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-00047: Уязвимость браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, связанная c выходом операции за границы буфера в памяти при манипуляции с деревом доступа DOM, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-04041: Уязвимость класса DOMSVGLength браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-04047: Уязвимость функции mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2021-04197: Уязвимость браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю подделывать обновления надстроек\n\n * CVE-2016-0718: Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.\n\n * CVE-2016-10196: Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.\n\n * CVE-2016-2815: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.\n\n * CVE-2016-2818: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.\n\n * CVE-2016-2819: Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.\n\n * CVE-2016-2821: Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor.\n\n * CVE-2016-2822: Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu.\n\n * CVE-2016-2825: Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify the location.host property via an invalid data: URL.\n\n * CVE-2016-2827: The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values.\n\n * CVE-2016-2828: Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool.\n\n * CVE-2016-2829: Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a crafted web site that rapidly triggers permission requests, as demonstrated by the microphone permission or the geolocation permission.\n\n * CVE-2016-2830: Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve the network connection used for favicon resource retrieval after the associated browser window is closed, which makes it easier for remote web servers to track users by observing network traffic from multiple IP addresses.\n\n * CVE-2016-2831: Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.\n\n * CVE-2016-2832: Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets (CSS) pseudo-classes.\n\n * CVE-2016-2833: Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet.\n\n * CVE-2016-2834: Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.\n\n * CVE-2016-2835: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.\n\n * CVE-2016-2836: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors.\n\n * CVE-2016-2837: Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass.\n\n * CVE-2016-2838: Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document.\n\n * CVE-2016-5250: Mozilla Firefox before 48.0, Firefox ESR \u003c 45.4 and Thunderbird \u003c 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.\n\n * CVE-2016-5251: Mozilla Firefox before 48.0 allows remote attackers to spoof the location bar via crafted characters in the media type of a data: URL.\n\n * CVE-2016-5252: Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations.\n\n * CVE-2016-5253: The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link.\n\n * CVE-2016-5254: Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items.\n\n * CVE-2016-5255: Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection.\n\n * CVE-2016-5256: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.\n\n * CVE-2016-5257: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird \u003c 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.\n\n * CVE-2016-5258: Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session.\n\n * CVE-2016-5259: Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop.\n\n * CVE-2016-5260: Mozilla Firefox before 48.0 mishandles changes from 'INPUT type=\"password\"' to 'INPUT type=\"text\"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file.\n\n * CVE-2016-5261: Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.\n\n * CVE-2016-5262: Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.\n\n * CVE-2016-5263: The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages \"type confusion.\"\n\n * CVE-2016-5264: Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application.\n\n * CVE-2016-5265: Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory.\n\n * CVE-2016-5266: Mozilla Firefox before 48.0 does not properly restrict drag-and-drop (aka dataTransfer) actions for file: URIs, which allows user-assisted remote attackers to access local files via a crafted web site.\n\n * CVE-2016-5268: Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI_SAFE_FOR_UNTRUSTED_CONTENT flags of about: URLs that are used for error pages, which makes it easier for remote attackers to conduct spoofing attacks via a crafted URL, as demonstrated by misleading text after an about:neterror?d= substring.\n\n * CVE-2016-5270: Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.\n\n * CVE-2016-5271: The PropertyProvider::GetSpacingInternal function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a \"display: contents\" Cascading Style Sheets (CSS) property.\n\n * CVE-2016-5272: The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.\n\n * CVE-2016-5273: The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the accessibility implementation in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code via a crafted web site.\n\n * CVE-2016-5274: Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.\n\n * CVE-2016-5275: Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering.\n\n * CVE-2016-5276: Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.\n\n * CVE-2016-5277: Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.\n\n * CVE-2016-5278: Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image.\n\n * CVE-2016-5279: Mozilla Firefox before 49.0 allows user-assisted remote attackers to obtain sensitive full-pathname information during a local-file drag-and-drop operation via crafted JavaScript code.\n\n * CVE-2016-5280: Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code via bidirectional text.\n\n * CVE-2016-5281: Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.\n\n * CVE-2016-5282: Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.\n\n * CVE-2016-5283: Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resized.\n\n * CVE-2016-5284: Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird \u003c 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.\n\n * CVE-2016-5287: A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox \u003c 49.0.2.\n\n * CVE-2016-5288: Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox \u003c 49.0.2.\n\n * CVE-2016-5289: Memory safety bugs were reported in Firefox 49. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-5290: Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-5291: A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-5292: During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-5296: A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-5297: An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-9063: An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9064: Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR \u003c 45.5 and Firefox \u003c 50.\n\n * CVE-2016-9066: A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-9067: Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9068: A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9069: A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9070: A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9071: Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9073: WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9074: An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird \u003c 45.5, Firefox ESR \u003c 45.5, and Firefox \u003c 50.\n\n * CVE-2016-9075: An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9076: An issue where a \"\u003cselect\u003e\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9077: Canvas allows the use of the \"feDisplacementMap\" filter on images loaded cross-origin. The rendering by the filter is variable depending on the input pixel, allowing for timing attacks when the images are loaded from third party locations. This vulnerability affects Firefox \u003c 50.\n\n * CVE-2016-9080: Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1.\n\n * CVE-2016-9893: Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2016-9894: A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 50.1.\n\n * CVE-2016-9895: Event handlers on \"marquee\" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2016-9896: Use-after-free while manipulating the \"navigator\" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox \u003c 50.1.\n\n * CVE-2016-9897: Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2016-9898: Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2016-9900: External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of \"data:\" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2016-9901: HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the \"about:pocket-saved\" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.\n\n * CVE-2016-9902: The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10s enabled. This vulnerability affects Firefox ESR \u003c 45.6 and Firefox \u003c 50.1.\n\n * CVE-2016-9903: Mozilla's add-ons SDK had a world-accessible resource with an HTML injection vulnerability. If an additional vulnerability allowed this resource to be loaded as a document it could allow injecting content and script into an add-on's context. This vulnerability affects Firefox \u003c 50.1.\n\n * CVE-2016-9904: An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox \u003c 50.1, Firefox ESR \u003c 45.6, and Thunderbird \u003c 45.6.\n\n * CVE-2017-5031: A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.\n\n * CVE-2017-5373: Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5374: Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5375: JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5376: Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5377: A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5378: Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5379: Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5380: A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5381: The \"export\" function in the Certificate Viewer can force local filesystem navigation when the \"common name\" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5382: Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5383: URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5384: Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5385: Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5386: WebExtension scripts can use the \"data:\" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. This vulnerability affects Firefox ESR \u003c 45.7 and Firefox \u003c 51.\n\n * CVE-2017-5387: The existence of a specifically requested local file can be found due to the double firing of the \"onerror\" when the \"source\" attribute on a \"\u003ctrack\u003e\" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5388: A STUN server in conjunction with a large number of \"webkitRTCPeerConnection\" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5389: WebExtensions could use the \"mozAddonManager\" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5390: The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5391: Special \"about:\" pages used by web content, such as RSS feeds, can load privileged \"about:\" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5393: The \"mozAddonManager\" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox \u003c 51.\n\n * CVE-2017-5396: A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird \u003c 45.7, Firefox ESR \u003c 45.7, and Firefox \u003c 51.\n\n * CVE-2017-5397: The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions. This vulnerability affects Firefox \u003c 51.0.3.\n\n * CVE-2017-5398: Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5399: Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5400: JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5401: A crash triggerable by web content in which an \"ErrorResult\" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5402: A use-after-free can occur when events are fired for a \"FontFace\" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5403: When adding a range to an object in the DOM, it is possible to use \"addRange\" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5404: A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5405: Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5406: A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5407: Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5408: Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5409: The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR \u003c 45.8 and Firefox \u003c 52.\n\n * CVE-2017-5410: Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox \u003c 52, Firefox ESR \u003c 45.8, Thunderbird \u003c 52, and Thunderbird \u003c 45.8.\n\n * CVE-2017-5411: A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in \"libGLES\", which is only in use on Windows. Other operating systems are not affected. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5412: A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5413: A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5414: The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5415: An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by \"blob:\" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox \u003c 52.\n\n * CVE-2017-5416: In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5417: When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox \u003c 52.\n\n * CVE-2017-5418: An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5419: If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5420: A \"javascript:\" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox \u003c 52.\n\n * CVE-2017-5421: A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5422: If a malicious site uses the \"view-source:\" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making \"view-source:\" linkable. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5425: The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of \"/private/var\" that could expose personal or temporary data. This has been updated to not allow access to \"/private/var\" and its subdirectories. Note: this issue only affects OS X. Other operating systems are not affected. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5426: On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note: this issue only affects Linux. Other operating systems are not affected. This vulnerability affects Firefox \u003c 52 and Thunderbird \u003c 52.\n\n * CVE-2017-5427: A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files. This vulnerability affects Firefox \u003c 52.\n\n * CVE-2017-5428: An integer overflow in \"createImageBitmap()\" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the \"createImageBitmap\" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR \u003c 52.0.1 and Firefox \u003c 52.0.1.\n\n * CVE-2017-5429: Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5430: Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5435: A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5439: A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5440: A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5444: A buffer overflow vulnerability while parsing \"application/http-index-format\" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5446: An out-of-bounds read when an HTTP/2 connection to a servers sends \"DATA\" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5451: A mechanism to spoof the addressbar through the user interaction on the addressbar and the \"onblur\" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5454: A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5455: The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR \u003c 52.1 and Firefox \u003c 53.\n\n * CVE-2017-5456: A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR \u003c 52.1 and Firefox \u003c 53.\n\n * CVE-2017-5464: During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5466: If a page is loaded from an original site through a hyperlink and contains a redirect to a \"data:text/html\" URL, triggering a reload will run the reloaded \"data:text/html\" page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.\n\n * CVE-2017-5467: A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 52.1, and Firefox \u003c 53.",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "Critical",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2017-05-09"
|
||
},
|
||
"Updated": {
|
||
"Date": "2017-05-09"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2016-01470",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01470",
|
||
"Impact": "High",
|
||
"Public": "20160526"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01546",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CWE": "CWE-17",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01546",
|
||
"Impact": "Critical",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01547",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01547",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01548",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01548",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01549",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01549",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01550",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01550",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01551",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01551",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01553",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01553",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01909",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01909",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01911",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01911",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01912",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01912",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01913",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01913",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01914",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-704",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01914",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01915",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01915",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01916",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01916",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01917",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01917",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01918",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01918",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01919",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01919",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01920",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01920",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01921",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01921",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01922",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01922",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01923",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01923",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2016-01924",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2016-01924",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05740",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05740",
|
||
"Impact": "Critical",
|
||
"Public": "20171026"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05742",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05742",
|
||
"Impact": "Critical",
|
||
"Public": "20170326"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05745",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05745",
|
||
"Impact": "Critical",
|
||
"Public": "20170205"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05746",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05746",
|
||
"Impact": "Critical",
|
||
"Public": "20170205"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05793",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05793",
|
||
"Impact": "Critical",
|
||
"Public": "20171026"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05801",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05801",
|
||
"Impact": "High",
|
||
"Public": "20170228"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05834",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05834",
|
||
"Impact": "High",
|
||
"Public": "20170304"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05843",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05843",
|
||
"Impact": "Critical",
|
||
"Public": "20170301"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05846",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05846",
|
||
"Impact": "Low",
|
||
"Public": "20160517"
|
||
},
|
||
{
|
||
"ID": "BDU:2020-05847",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://bdu.fstec.ru/vul/2020-05847",
|
||
"Impact": "High",
|
||
"Public": "20170321"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00038",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00038",
|
||
"Impact": "Low",
|
||
"Public": "20170405"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00043",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00043",
|
||
"Impact": "High",
|
||
"Public": "20170314"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-00047",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-00047",
|
||
"Impact": "Critical",
|
||
"Public": "20170314"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-04041",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-04041",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-04047",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-04047",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "BDU:2021-04197",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://bdu.fstec.ru/vul/2021-04197",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2016-0718",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-0718",
|
||
"Impact": "Critical",
|
||
"Public": "20160526"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-10196",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-787",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-10196",
|
||
"Impact": "High",
|
||
"Public": "20170315"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2815",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2815",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2818",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2819",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2819",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2821",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2821",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2822",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2822",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2825",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2825",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2827",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2827",
|
||
"Impact": "Low",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2828",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-Other",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2828",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2829",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2829",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2830",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2830",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2831",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2831",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2832",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2832",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2833",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2833",
|
||
"Impact": "Low",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2834",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2834",
|
||
"Impact": "High",
|
||
"Public": "20160613"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2835",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2835",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2836",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2836",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2837",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2837",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-2838",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-2838",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5250",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5250",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5251",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5251",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5252",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5252",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5253",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:C/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5253",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5254",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5254",
|
||
"Impact": "Critical",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5255",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5255",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5256",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5256",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5257",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5257",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5258",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5258",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5259",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5259",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5260",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5260",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5261",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5261",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5262",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5262",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5263",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-704",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5263",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5264",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5264",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5265",
|
||
"CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5265",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5266",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5266",
|
||
"Impact": "High",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5268",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5268",
|
||
"Impact": "Low",
|
||
"Public": "20160805"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5270",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5270",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5271",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5271",
|
||
"Impact": "Low",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5272",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5272",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5273",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5273",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5274",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5274",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5275",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5275",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5276",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5276",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5277",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5277",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5278",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5278",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5279",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5279",
|
||
"Impact": "Low",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5280",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5280",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5281",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5281",
|
||
"Impact": "Critical",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5282",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5282",
|
||
"Impact": "Low",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5283",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-284",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5283",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5284",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5284",
|
||
"Impact": "High",
|
||
"Public": "20160922"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5287",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5287",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5288",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5288",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5289",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5289",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5290",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5290",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5291",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5291",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5292",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5292",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5296",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5296",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-5297",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5297",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9063",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9063",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9064",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-295",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9064",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9066",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9066",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9067",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9067",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9068",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9068",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9069",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9069",
|
||
"Impact": "High",
|
||
"Public": "20181018"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9070",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9070",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9071",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9071",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9073",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9073",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9074",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9074",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9075",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-264",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9075",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9076",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9076",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9077",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9077",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9080",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9080",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9893",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9893",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9894",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9894",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9895",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9895",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9896",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9896",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9897",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9897",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9898",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9898",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9900",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-254",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9900",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9901",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9901",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9902",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-346",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9902",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9903",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9903",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2016-9904",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9904",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5031",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5031",
|
||
"Impact": "High",
|
||
"Public": "20170424"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5373",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5374",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5374",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5375",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5376",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5377",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5377",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5378",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5379",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5379",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5380",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5381",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-22",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5381",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5382",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5382",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5383",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5384",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5384",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5385",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5385",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5386",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5386",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5387",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-538",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5387",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5388",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-770",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5388",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5389",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-601",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5389",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5390",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5391",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5391",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5393",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5393",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5396",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5397",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-829",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5397",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5398",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5399",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5400",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5401",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-388",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5402",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5403",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5404",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5405",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-1187",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5406",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5407",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5408",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5409",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-269",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5409",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5410",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5411",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5411",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5412",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5413",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5414",
|
||
"CVSS": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5415",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5416",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-476",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5417",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5418",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5419",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5420",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5421",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5422",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5425",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5425",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5426",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-732",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5427",
|
||
"CVSS": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-362",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5428",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-190",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5428",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5429",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5429",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5430",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5430",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5435",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5435",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5439",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5439",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5440",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-416",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5440",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5444",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5444",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5446",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-125",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5446",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5451",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||
"CWE": "CWE-20",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5451",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5454",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||
"CWE": "CWE-200",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5454",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5455",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "NVD-CWE-noinfo",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5455",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5456",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-732",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5456",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5464",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5464",
|
||
"Impact": "Critical",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5466",
|
||
"CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||
"CWE": "CWE-79",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5466",
|
||
"Impact": "Low",
|
||
"Public": "20180611"
|
||
},
|
||
{
|
||
"ID": "CVE-2017-5467",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-119",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5467",
|
||
"Impact": "High",
|
||
"Public": "20180611"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:container:11"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:3001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20171578001",
|
||
"Comment": "firefox-esr is earlier than 0:52.1.1-alt1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |