SCAP Feed Release : 29-Dec-2017

  • Post author:
  • Reading time:20 mins read

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:43307 CVE-2017-14819 Information disclosure vulnerability in cdef Box Handler in Foxit Reader
oval:org.secpod.oval:def:43308 CVE-2017-14818 Information disclosure vulnerability in JPEG2000 images embedded in PDF files in Foxit Reader
oval:org.secpod.oval:def:43309 CVE-2017-10959 Arbitrary code execution vulnerability in setAction method of Link objects in Foxit Reader
oval:org.secpod.oval:def:43310 CVE-2017-10958 Arbitrary code execution vulnerability in the value attribute of Field objects in Foxit Reader
oval:org.secpod.oval:def:43311 CVE-2017-10957 Arbitrary code execution vulnerability in the arrowEnd attribute of Annotation objects in Foxit Reader
oval:org.secpod.oval:def:43312 CVE-2017-10956 Information disclosure vulnerability in the tile index member of SOT markers in Foxit Reader
oval:org.secpod.oval:def:43314 CVE-2017-16571 Arbitrary code execution vulnerability in Foxit Reader while handling references to the app object from FormCalc
oval:org.secpod.oval:def:43315 CVE-2017-14837 Arbitrary code execution vulnerability in the pageSpan method of XFA Layout objects in Foxit Reader
oval:org.secpod.oval:def:43316 CVE-2017-14836 Arbitrary code execution vulnerability in the modDate attribute of Annotation objects in Foxit Reader
oval:org.secpod.oval:def:43317 CVE-2017-14835 Arbitrary code execution vulnerability in the page method of XFA Layout objects in Foxit Reader
oval:org.secpod.oval:def:43318 CVE-2017-14834 Arbitrary code execution vulnerability in the style attribute of FileAttachment annotation objects in Foxit Reader
oval:org.secpod.oval:def:43319 CVE-2017-14833 Arbitrary code execution vulnerability in the style attribute of Text Annotation objects in Foxit Reader
oval:org.secpod.oval:def:43320 CVE-2017-14832 Arbitrary code execution vulnerability in the style attribute of Caret Annotation objects in Foxit Reader
oval:org.secpod.oval:def:43321 CVE-2017-14831 Arbitrary code execution vulnerability in the author attribute of Circle Annotation objects in Foxit Reader
oval:org.secpod.oval:def:43322 CVE-2017-14830 Arbitrary code execution vulnerability in the setFocus method of XFAScriptObject objects in Foxit Reader
oval:org.secpod.oval:def:43323 CVE-2017-14829 Arbitrary code execution vulnerability in the openList method of XFAScriptObject objects in Foxit Reader
oval:org.secpod.oval:def:43324 CVE-2017-14828 Arbitrary code execution vulnerability in the w method of XFA Layout objects in Foxit Reader
oval:org.secpod.oval:def:43325 CVE-2017-14827 Arbitrary code execution vulnerability in the append method of XFA Node objects in Foxit Reader
oval:org.secpod.oval:def:43326 CVE-2017-14826 Arbitrary code execution vulnerability in the formNodes method of XFA Node objects in Foxit Reader
oval:org.secpod.oval:def:43327 CVE-2017-14825 Arbitrary code execution vulnerability in the remove method of XFAScriptObject objects in Foxit Reader
oval:org.secpod.oval:def:43328 CVE-2017-14824 Arbitrary code execution vulnerability in the insert method of XFAScriptObject objects in Foxit Reader
oval:org.secpod.oval:def:43330 CVE-2017-14822 Arbitrary code execution vulnerability in the parsing of the xOsiz member of SIZ markers in Foxit Reader
oval:org.secpod.oval:def:43331 CVE-2017-14821 Arbitrary code execution vulnerability in the parsing of the xTsiz member of SIZ markers in Foxit Reader
oval:org.secpod.oval:def:43332 CVE-2017-14820 Arbitrary code execution vulnerability in the tile index of the SOT marker in JPEG2000 images in Foxit Reader
oval:org.secpod.oval:def:43333 CVE-2017-16589 Arbitrary code execution vulnerability in the parsing of the yTsiz member of SIZ markers in Foxit Reader
oval:org.secpod.oval:def:43334 CVE-2017-16588 Arbitrary code execution vulnerability in the parsing of SOT markers in Foxit Reader
oval:org.secpod.oval:def:43335 CVE-2017-16587 Arbitrary code execution vulnerability in the removeField method in Foxit Reader
oval:org.secpod.oval:def:43336 CVE-2017-16586 Arbitrary code execution vulnerability in the addAnnot method in Foxit Reader
oval:org.secpod.oval:def:43337 CVE-2017-16585 Arbitrary code execution vulnerability in the app.response method in Foxit Reader
oval:org.secpod.oval:def:43338 CVE-2017-16584 Information disclosure vulnerability in util.printf in Foxit Reader
oval:org.secpod.oval:def:43339 CVE-2017-16583 Arbitrary code execution vulnerability in the datasets element of XFA forms in Foxit Reader
oval:org.secpod.oval:def:43340 CVE-2017-16582 Arbitrary code execution vulnerability in the clearItems XFA method in Foxit Reader
oval:org.secpod.oval:def:43341 CVE-2017-16581 Arbitrary code execution vulnerability in the author attribute of the Document object in Foxit Reader
oval:org.secpod.oval:def:43342 CVE-2017-16580 Arbitrary code execution vulnerability in the ImageField node of XFA forms in Foxit Reader
oval:org.secpod.oval:def:43343 CVE-2017-16579 Arbitrary code execution vulnerability in the parsing of JPEG2000 images in Foxit Reader
oval:org.secpod.oval:def:43344 CVE-2017-16578 Arbitrary code execution vulnerability in the picture elements within XFA forms in Foxit Reader
oval:org.secpod.oval:def:43345 CVE-2017-16577 Arbitrary code execution vulnerability in the alignment attribute of Field objects in Foxit Reader
oval:org.secpod.oval:def:43348 CVE-2017-16574 Information disclosure vulnerability in the parsing of Image filters in Foxit Reader
oval:org.secpod.oval:def:43349 CVE-2017-16573 Information disclosure vulnerability in the parsing of LZWDecode filters in Foxit Reader
oval:org.secpod.oval:def:43350 CVE-2017-7845 Buffer overflow vulnerability in Mozilla Thunderbird while validating elements using Direct 3D 9
oval:org.secpod.oval:def:43351 CVE-2017-7846 Javascript execution vulnerability in the parsed RSS feed in Mozilla Thunderbird
oval:org.secpod.oval:def:43352 CVE-2017-7847 Information disclosure vulnerability from the RSS feed in Mozilla Thunderbird
oval:org.secpod.oval:def:43353 CVE-2017-7848 Cross site scripting vulnerability in RSS fields in Mozilla Thunderbird
oval:org.secpod.oval:def:43354 CVE-2017-7829 Address spoofing vulnerability in from adresses in Mozilla Thunderbird
oval:org.secpod.oval:def:43355 CVE-2017-7829
CVE-2017-7845
CVE-2017-7846
CVE-2017-7847
CVE-2017-7848
MFSA2017-30
Multiple vulnerabilities in Mozilla Thunderbird – MFSA2017-30
oval:org.secpod.oval:def:43356 CVE-2017-7846 Javascript execution vulnerability in the parsed RSS feed in Mozilla Thunderbird (Mac OS X)
oval:org.secpod.oval:def:43357 CVE-2017-7847 Information disclosure vulnerability from the RSS feed in Mozilla Thunderbird (Mac OS X)
oval:org.secpod.oval:def:43358 CVE-2017-7848 Cross site scripting vulnerability in RSS fields in Mozilla Thunderbird (Mac OS X)
oval:org.secpod.oval:def:43359 CVE-2017-7829 Address spoofing vulnerability in from adresses in Mozilla Thunderbird (Mac OS X)
oval:org.secpod.oval:def:43360 CVE-2017-7829
CVE-2017-7846
CVE-2017-7847
CVE-2017-7848
MFSA2017-30
Multiple vulnerabilities in Mozilla Thunderbird – MFSA2017-30 (Mac OS X)