SCAP Feed Release Update: 23-Mar-2015

  • Post author:
  • Reading time:47 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:23911 CVE-2015-0332, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0332 (rpm)
oval:org.secpod.oval:def:23929 CVE-2015-0340, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0340 (rpm)
oval:org.secpod.oval:def:23912 CVE-2015-0332, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0332 (dpkg)
oval:org.secpod.oval:def:23930 CVE-2015-0340, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0340 (dpkg)
oval:org.secpod.oval:def:23931 CVE-2015-0337, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0337 (rpm)
oval:org.secpod.oval:def:23932 CVE-2015-0337, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0337 (dpkg)
oval:org.secpod.oval:def:23933 APSB15-05,
CVE-2015-0332,
CVE-2015-0333,
CVE-2015-0334,
CVE-2015-0335,
CVE-2015-0336,
CVE-2015-0337,
CVE-2015-0338,
CVE-2015-0339,
CVE-2015-0340,
CVE-2015-0341,
CVE-2015-0342,
Multiple vulnerabilities in Adobe Flash Player – APSB15-05 (rpm)
oval:org.secpod.oval:def:23934 APSB15-05,
CVE-2015-0332,
CVE-2015-0333,
CVE-2015-0334,
CVE-2015-0335,
CVE-2015-0336,
CVE-2015-0337,
CVE-2015-0338,
CVE-2015-0339,
CVE-2015-0340,
CVE-2015-0341,
CVE-2015-0342,
Multiple vulnerabilities in Adobe Flash Player – APSB15-05 (dpkg)
oval:org.secpod.oval:def:23913 CVE-2015-0333, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0333 (rpm)
oval:org.secpod.oval:def:23914 CVE-2015-0333, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0333 (dpkg)
oval:org.secpod.oval:def:23915 CVE-2015-0335, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0335 (rpm)
oval:org.secpod.oval:def:23916 CVE-2015-0335, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0335 (dpkg)
oval:org.secpod.oval:def:23917 CVE-2015-0339, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0339 (rpm)
oval:org.secpod.oval:def:23918 CVE-2015-0339, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0339 (dpkg)
oval:org.secpod.oval:def:23919 CVE-2015-0334, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23920 CVE-2015-0334, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23921 CVE-2015-0336, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23922 CVE-2015-0336, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23923 CVE-2015-0338, Integer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0338 (rpm)
oval:org.secpod.oval:def:23924 CVE-2015-0338, Integer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0338 (dpkg)
oval:org.secpod.oval:def:23925 CVE-2015-0341, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0341 (rpm)
oval:org.secpod.oval:def:23926 CVE-2015-0341, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0341 (dpkg)
oval:org.secpod.oval:def:23927 CVE-2015-0342, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0342 (rpm)
oval:org.secpod.oval:def:23928 CVE-2015-0342, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0342 (dpkg)
oval:org.secpod.oval:def:23935 CVE-2015-0332, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0332 (Mac OS X)
oval:org.secpod.oval:def:23944 CVE-2015-0340, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0340 (Mac OS X)
oval:org.secpod.oval:def:23945 CVE-2015-0337, Security bypass vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0337 (Mac OS X)
oval:org.secpod.oval:def:23946 APSB15-05,
CVE-2015-0332,
CVE-2015-0333,
CVE-2015-0334,
CVE-2015-0335,
CVE-2015-0336,
CVE-2015-0337,
CVE-2015-0338,
CVE-2015-0339,
CVE-2015-0340,
CVE-2015-0341,
CVE-2015-0342,
Multiple vulnerabilities in Adobe Flash Player – APSB15-05 (Mac OS X)
oval:org.secpod.oval:def:23936 CVE-2015-0333, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0333 (Mac OS X)
oval:org.secpod.oval:def:23937 CVE-2015-0335, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0335 (Mac OS X)
oval:org.secpod.oval:def:23938 CVE-2015-0339, Arbitrary code execution vulnerability in Adobe Flash Player via unknown vectors – CVE-2015-0339 (Mac OS X)
oval:org.secpod.oval:def:23939 CVE-2015-0334, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23940 CVE-2015-0336, Arbitrary code execution vulnerability in Adobe Flash Player by leveraging an unspecified &quot
oval:org.secpod.oval:def:23941 CVE-2015-0338, Integer overflow vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0338 (Mac OS X)
oval:org.secpod.oval:def:23942 CVE-2015-0341, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0341 (Mac OS X)
oval:org.secpod.oval:def:23943 CVE-2015-0342, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors – CVE-2015-0342 (Mac OS X)
oval:org.secpod.oval:def:601981 CVE-2015-2157,
DSA-3190-1,
DSA-3190-1 putty — putty
oval:org.secpod.oval:def:601982 CVE-2015-0885,
DSA-3192-1,
DSA-3192-1 checkpw — checkpw
oval:org.secpod.oval:def:601983 CVE-2015-2044,
CVE-2015-2045,
CVE-2015-2151,
DSA-3181-1,
DSA-3181-1 xen — xen
oval:org.secpod.oval:def:601984 CVE-2014-9656,
CVE-2014-9657,
CVE-2014-9658,
CVE-2014-9660,
CVE-2014-9661,
CVE-2014-9663,
CVE-2014-9664,
CVE-2014-9666,
CVE-2014-9667,
CVE-2014-9669,
CVE-2014-9670,
CVE-2014-9671,
CVE-2014-9672,
CVE-2014-9673,
CVE-2014-9675,
DSA-3188-1,
DSA-3188-1 freetype — freetype
oval:org.secpod.oval:def:601985 CVE-2013-2184,
CVE-2014-9057,
CVE-2015-1592,
DSA-3183-1,
DSA-3183-1 movabletype-opensource — movabletype-opensource
oval:org.secpod.oval:def:601986 CVE-2013-1569,
CVE-2013-2383,
CVE-2013-2384,
CVE-2013-2419,
CVE-2014-6585,
CVE-2014-6591,
CVE-2014-7923,
CVE-2014-7926,
CVE-2014-7940,
CVE-2014-9654,
DSA-3187-1,
DSA-3187-1 icu — icu
oval:org.secpod.oval:def:601987 CVE-2014-3591,
CVE-2015-0837,
CVE-2015-1606,
DSA-3184-1,
DSA-3184-1 gnupg — gnupg
oval:org.secpod.oval:def:601988 CVE-2014-3591,
CVE-2015-0837,
DSA-3185-1,
DSA-3185-1 libgcrypt11 — libgcrypt11
oval:org.secpod.oval:def:601989 CVE-2015-0282,
CVE-2015-0294,
DSA-3191-1,
DSA-3191-1 gnutls26 — gnutls26
oval:org.secpod.oval:def:601990 CVE-2015-1782,
DSA-3182-1,
DSA-3182-1 libssh2 — libssh2
oval:org.secpod.oval:def:601991 CVE-2014-7933,
CVE-2014-8543,
CVE-2014-8544,
CVE-2014-8547,
CVE-2014-8548,
CVE-2014-9604,
DSA-3189-1,
DSA-3189-1 libav — libav
oval:org.secpod.oval:def:601992 CVE-2014-1569,
DSA-3186-1,
DSA-3186-1 nss — nss
oval:org.secpod.oval:def:601993 CVE-2015-2091,
DSA-3177-1,
DSA-3177-1 mod-gnutls — libapache2-mod-gnutls
oval:org.secpod.oval:def:23893 CVE-2015-1084, Phishing attack vulnerability in webkit in Apple Safari (Mac OS X)
oval:org.secpod.oval:def:23902 CVE-2015-1075, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1075 (Mac OS X)
oval:org.secpod.oval:def:23903 CVE-2015-1074, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1074 (Mac OS X)
oval:org.secpod.oval:def:23904 CVE-2015-1073, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1073 (Mac OS X)
oval:org.secpod.oval:def:23905 CVE-2015-1072, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1072 (Mac OS X)
oval:org.secpod.oval:def:23906 CVE-2015-1071, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1071 (Mac OS X)
oval:org.secpod.oval:def:23907 CVE-2015-1070, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1070 (Mac OS X)
oval:org.secpod.oval:def:23908 CVE-2015-1069, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1069 (Mac OS X)
oval:org.secpod.oval:def:23909 CVE-2015-1068, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1068 (Mac OS X)
oval:org.secpod.oval:def:23910 APPLE-SA-2015-03-17-1,
CVE-2015-1068,
CVE-2015-1069,
CVE-2015-1070,
CVE-2015-1071,
CVE-2015-1072,
CVE-2015-1073,
CVE-2015-1074,
CVE-2015-1075,
CVE-2015-1076,
CVE-2015-1077,
CVE-2015-1078,
CVE-2015-1079,
CVE-2015-1080,
CVE-2015-1081,
CVE-2015-1082,
CVE-2015-1083,
CVE-2015-1084,
Multiple vulnerabilities in webkit in Apple Safari – APPLE-SA-2015-03-17-1 (Mac OS X)
oval:org.secpod.oval:def:23894 CVE-2015-1083, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1083 (Mac OS X)
oval:org.secpod.oval:def:23895 CVE-2015-1082, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1082 (Mac OS X)
oval:org.secpod.oval:def:23896 CVE-2015-1081, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1081 (Mac OS X)
oval:org.secpod.oval:def:23897 CVE-2015-1080, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1080 (Mac OS X)
oval:org.secpod.oval:def:23898 CVE-2015-1079, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1079 (Mac OS X)
oval:org.secpod.oval:def:23899 CVE-2015-1078, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1078 (Mac OS X)
oval:org.secpod.oval:def:23900 CVE-2015-1077, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1077 (Mac OS X)
oval:org.secpod.oval:def:23901 CVE-2015-1076, Memory corruption vulnerability in webkit in Apple Safari – CVE-2015-1076 (Mac OS X)
oval:org.secpod.oval:def:702450 CVE-2015-2265,
USN-2532-1,
USN-2532-1 — cups-filters vulnerability
oval:org.secpod.oval:def:702451 CVE-2014-8159,
USN-2528-1,
USN-2528-1 — linux-image
oval:org.secpod.oval:def:702452 CVE-2015-2296,
USN-2531-1,
USN-2531-1 — requests vulnerability
oval:org.secpod.oval:def:702453 CVE-2015-0819,
CVE-2015-0820,
CVE-2015-0821,
CVE-2015-0822,
CVE-2015-0823,
CVE-2015-0824,
CVE-2015-0825,
CVE-2015-0826,
CVE-2015-0827,
CVE-2015-0829,
CVE-2015-0830,
CVE-2015-0831,
CVE-2015-0832,
CVE-2015-0834,
CVE-2015-0835,
CVE-2015-0836,
USN-2505-2,
USN-2505-2 — firefox regression
oval:org.secpod.oval:def:702454 CVE-2014-8159,
USN-2525-1,
USN-2525-1 — linux-image
oval:org.secpod.oval:def:702455 CVE-2014-9680,
USN-2533-1,
USN-2533-1 — sudo vulnerability
oval:org.secpod.oval:def:702456 CVE-2013-1569,
CVE-2013-2383,
CVE-2013-2384,
CVE-2013-2419,
CVE-2014-6585,
CVE-2014-6591,
CVE-2014-7923,
CVE-2014-7926,
CVE-2014-7940,
CVE-2014-9654,
USN-2522-2,
USN-2522-2 — icu regression
oval:org.secpod.oval:def:702457 CVE-2014-8159,
USN-2527-1,
USN-2527-1 — linux-image
oval:org.secpod.oval:def:702458 CVE-2014-9687,
USN-2524-1,
USN-2524-1 — ecryptfs vulnerability
oval:org.secpod.oval:def:702459 CVE-2015-1213,
CVE-2015-1214,
CVE-2015-1215,
CVE-2015-1216,
CVE-2015-1217,
CVE-2015-1218,
CVE-2015-1219,
CVE-2015-1220,
CVE-2015-1221,
CVE-2015-1222,
CVE-2015-1223,
CVE-2015-1224,
CVE-2015-1227,
CVE-2015-1228,
CVE-2015-1229,
CVE-2015-1230,
CVE-2015-1231,
CVE-2015-2238,
USN-2521-1,
USN-2521-1 — oxide vulnerabilities
oval:org.secpod.oval:def:702460 CVE-2014-8159,
USN-2529-1,
USN-2529-1 — linux-image
oval:org.secpod.oval:def:702461 CVE-2014-8159,
USN-2530-1,
USN-2530-1 — linux-image
oval:org.secpod.oval:def:702462 CVE-2013-1569,
CVE-2013-2383,
CVE-2013-2384,
CVE-2013-2419,
CVE-2014-6585,
CVE-2014-6591,
CVE-2014-7923,
CVE-2014-7926,
CVE-2014-7940,
CVE-2014-9654,
USN-2522-3,
USN-2522-3 — icu vulnerabilities
oval:org.secpod.oval:def:702463 CVE-2014-8159,
USN-2526-1,
USN-2526-1 — linux-image
oval:org.secpod.oval:def:702464 CVE-2013-5704,
CVE-2014-3581,
CVE-2014-3583,
CVE-2014-8109,
CVE-2015-0228,
USN-2523-1,
USN-2523-1 — apache http server vulnerabilities