SCAP Feed Release Update: 05-Dec-2014

  • Post author:
  • Reading time:36 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:21835 2905247, Elevation of privilege vulnerability in Microsoft .NET Framework – 2905247
oval:org.secpod.oval:def:601852 CVE-2014-9031,
CVE-2014-9033,
CVE-2014-9034,
CVE-2014-9035,
CVE-2014-9036,
CVE-2014-9037,
CVE-2014-9038,
CVE-2014-9039,
DSA-3085-1,
DSA-3085-1 wordpress — wordpress
oval:org.secpod.oval:def:601853 CVE-2014-8767,
CVE-2014-8769,
CVE-2014-9140,
DSA-3086-1,
DSA-3086-1 tcpdump — tcpdump
oval:org.secpod.oval:def:601854 CVE-2014-8104,
DSA-3084-1,
DSA-3084-1 openvpn — openvpn
oval:org.secpod.oval:def:107973 CVE-2014-4877,
FEDORA-2014-15405,
FEDORA-2014-15405 — Fedora 19 wget-1.16-3.fc19
oval:org.secpod.oval:def:107974 CVE-2014-8958,
CVE-2014-8959,
CVE-2014-8960,
CVE-2014-8961,
FEDORA-2014-15538,
FEDORA-2014-15538 — Fedora 20 phpMyAdmin-4.2.12-1.fc20
oval:org.secpod.oval:def:107975 CVE-2014-9016,
FEDORA-2014-15528,
FEDORA-2014-15528 — Fedora 20 drupal7-7.34-1.fc20
oval:org.secpod.oval:def:107976 CVE-2014-9016,
FEDORA-2014-15522,
FEDORA-2014-15522 — Fedora 19 drupal7-7.34-1.fc19
oval:org.secpod.oval:def:107977 CVE-2014-0165,
CVE-2014-0166,
CVE-2014-9031,
CVE-2014-9032,
CVE-2014-9033,
CVE-2014-9034,
CVE-2014-9035,
CVE-2014-9036,
CVE-2014-9037,
CVE-2014-9038,
CVE-2014-9039,
FEDORA-2014-15507,
FEDORA-2014-15507 — Fedora 20 wordpress-4.0.1-1.fc20
oval:org.secpod.oval:def:107978 CVE-2013-1432,
CVE-2013-1442,
CVE-2013-1918,
CVE-2013-2194,
CVE-2013-2195,
CVE-2013-2196,
CVE-2013-2211,
CVE-2013-2212,
CVE-2013-4329,
CVE-2013-4355,
CVE-2013-4361,
CVE-2013-4368,
CVE-2013-4369,
CVE-2013-4370,
CVE-2013-4371,
CVE-2013-4375,
CVE-2013-4416,
CVE-2013-4494,
CVE-2013-4551,
CVE-2013-4553,
CVE-2013-4554,
CVE-2013-6375,
CVE-2013-6400,
CVE-2013-6885,
CVE-2014-0150,
CVE-2014-1642,
CVE-2014-1666,
CVE-2014-1891,
CVE-2014-1892,
CVE-2014-1893,
CVE-2014-1894,
CVE-2014-1895,
CVE-2014-1896,
CVE-2014-1950,
CVE-2014-2599,
CVE-2014-3124,
CVE-2014-3967,
CVE-2014-3968,
CVE-2014-4021,
CVE-2014-5146,
CVE-2014-7154,
CVE-2014-7155,
CVE-2014-7156,
CVE-2014-7188,
CVE-2014-8594,
CVE-2014-8595,
CVE-2014-9030,
FEDORA-2014-15503,
FEDORA-2014-15503 — Fedora 19 xen-4.2.5-5.fc19
oval:org.secpod.oval:def:107979 CVE-2014-8958,
CVE-2014-8959,
CVE-2014-8960,
CVE-2014-8961,
FEDORA-2014-15535,
FEDORA-2014-15535 — Fedora 19 phpMyAdmin-4.2.12-1.fc19
oval:org.secpod.oval:def:107980 CVE-2014-8990,
FEDORA-2014-15373,
FEDORA-2014-15373 — Fedora 19 lsyncd-2.1.4-4.fc19.1
oval:org.secpod.oval:def:107982 CVE-2013-1443,
CVE-2014-0473,
CVE-2014-0474,
CVE-2014-0480,
CVE-2014-0481,
CVE-2014-0482,
CVE-2014-0483,
CVE-2014-1418,
FEDORA-2014-15307,
FEDORA-2014-15307 — Fedora 19 python-django14-1.4.16-1.fc19
oval:org.secpod.oval:def:107983 CVE-2014-0015,
CVE-2014-0138,
CVE-2014-3613,
CVE-2014-3620,
CVE-2014-3707,
FEDORA-2014-15706,
FEDORA-2014-15706 — Fedora 20 curl-7.32.0-16.fc20
oval:org.secpod.oval:def:107984 CVE-2012-6662,
CVE-2014-9015,
FEDORA-2014-15515,
FEDORA-2014-15515 — Fedora 19 drupal6-6.34-1.fc19
oval:org.secpod.oval:def:107985 CVE-2014-1693,
FEDORA-2014-15394,
FEDORA-2014-15394 — Fedora 20 erlang-R16B-03.9.fc20
oval:org.secpod.oval:def:107987 CVE-2013-2173,
CVE-2013-2199,
CVE-2013-2200,
CVE-2013-2201,
CVE-2013-2202,
CVE-2013-2203,
CVE-2013-2204,
CVE-2013-4338,
CVE-2013-4339,
CVE-2013-4340,
CVE-2014-0165,
CVE-2014-0166,
CVE-2014-9031,
CVE-2014-9032,
CVE-2014-9033,
CVE-2014-9034,
CVE-2014-9035,
CVE-2014-9036,
CVE-2014-9037,
CVE-2014-9038,
CVE-2014-9039,
FEDORA-2014-15526,
FEDORA-2014-15526 — Fedora 19 wordpress-4.0.1-1.fc19
oval:org.secpod.oval:def:107988 CVE-2014-0473,
CVE-2014-0474,
CVE-2014-0480,
CVE-2014-0481,
CVE-2014-0482,
CVE-2014-0483,
CVE-2014-1418,
FEDORA-2014-15266,
FEDORA-2014-15266 — Fedora 20 python-django14-1.4.16-1.fc20
oval:org.secpod.oval:def:107989 CVE-2012-6662,
CVE-2014-9015,
FEDORA-2014-15519,
FEDORA-2014-15519 — Fedora 20 drupal6-6.34-1.fc20
oval:org.secpod.oval:def:107990 CVE-2014-1934,
FEDORA-2014-15464,
FEDORA-2014-15464 — Fedora 20 python-eyed3-0.7.4-4.fc20
oval:org.secpod.oval:def:107992 CVE-2014-8990,
FEDORA-2014-15393,
FEDORA-2014-15393 — Fedora 20 lsyncd-2.1.4-4.fc20.1
oval:org.secpod.oval:def:107993 CVE-2012-5615,
CVE-2014-4274,
CVE-2014-4287,
CVE-2014-6463,
CVE-2014-6478,
CVE-2014-6484,
CVE-2014-6495,
CVE-2014-6505,
CVE-2014-6520,
CVE-2014-6530,
CVE-2014-6551,
FEDORA-2014-14791,
FEDORA-2014-14791 — Fedora 20 mariadb-galera-5.5.40-2.fc20
oval:org.secpod.oval:def:107994 CVE-2013-2212,
CVE-2013-4553,
CVE-2013-4554,
CVE-2013-6375,
CVE-2013-6400,
CVE-2013-6885,
CVE-2014-0150,
CVE-2014-1642,
CVE-2014-1666,
CVE-2014-1891,
CVE-2014-1892,
CVE-2014-1893,
CVE-2014-1894,
CVE-2014-1895,
CVE-2014-1896,
CVE-2014-1950,
CVE-2014-2599,
CVE-2014-3124,
CVE-2014-3967,
CVE-2014-3968,
CVE-2014-4021,
CVE-2014-5146,
CVE-2014-7154,
CVE-2014-7155,
CVE-2014-7156,
CVE-2014-7188,
CVE-2014-8594,
CVE-2014-8595,
CVE-2014-9030,
FEDORA-2014-15521,
FEDORA-2014-15521 — Fedora 20 xen-4.3.3-5.fc20
oval:org.secpod.oval:def:107995 CVE-2014-1934,
FEDORA-2014-15477,
FEDORA-2014-15477 — Fedora 19 python-eyed3-0.7.4-4.fc19
oval:org.secpod.oval:def:702314 CVE-2014-1587,
CVE-2014-1588,
CVE-2014-1589,
CVE-2014-1590,
CVE-2014-1591,
CVE-2014-1592,
CVE-2014-1593,
CVE-2014-1594,
USN-2424-1,
USN-2424-1 — firefox vulnerabilities
oval:org.secpod.oval:def:702315 CVE-2014-8583,
USN-2431-1,
USN-2431-1 — mod_wsgi vulnerability
oval:org.secpod.oval:def:702316 CVE-2014-1587,
CVE-2014-1590,
CVE-2014-1592,
CVE-2014-1593,
CVE-2014-1594,
USN-2428-1,
USN-2428-1 — thunderbird vulnerabilities
oval:org.secpod.oval:def:702317 CVE-2012-6656,
CVE-2014-6040,
CVE-2014-7817,
USN-2432-1,
USN-2432-1 — gnu c library vulnerabilities
oval:org.secpod.oval:def:702318 CVE-2014-8104,
USN-2430-1,
USN-2430-1 — openvpn vulnerability
oval:org.secpod.oval:def:702319 CVE-2014-3158,
USN-2429-1,
USN-2429-1 — ppp vulnerability
oval:org.secpod.oval:def:21836 CVE-2014-4465, Security bypass vulnerability in Apple Safari due to cross-origin elements being loaded
oval:org.secpod.oval:def:21845 CVE-2014-4473, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4473
oval:org.secpod.oval:def:21846 CVE-2014-4474, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4474
oval:org.secpod.oval:def:21847 CVE-2014-4475, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4475
oval:org.secpod.oval:def:21837 CVE-2014-4452, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4452
oval:org.secpod.oval:def:21838 APPLE-SA-2014-12-3-1,
CVE-2014-1748,
CVE-2014-4452,
CVE-2014-4459,
CVE-2014-4465,
CVE-2014-4466,
CVE-2014-4468,
CVE-2014-4469,
CVE-2014-4470,
CVE-2014-4471,
CVE-2014-4472,
CVE-2014-4473,
CVE-2014-4474,
CVE-2014-4475,
Multiple memory corruption vulnerabilities in Apple Safari – APPLE-SA-2014-12-3-1
oval:org.secpod.oval:def:21839 CVE-2014-4466, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4466
oval:org.secpod.oval:def:21840 CVE-2014-4468, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4468
oval:org.secpod.oval:def:21841 CVE-2014-4469, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4469
oval:org.secpod.oval:def:21842 CVE-2014-4470, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4470
oval:org.secpod.oval:def:21843 CVE-2014-4471, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4471
oval:org.secpod.oval:def:21844 CVE-2014-4472, Multiple memory corruption vulnerabilities in Apple Safari – CVE-2014-4472