SCAP Feed Release Update: 15-May-2015

  • Post author:
  • Reading time:20 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management tool.

Also, a patch management solution can help patch these vulnerabilities.

oval:org.secpod.oval:def:24338 CVE-2015-1671, TrueType font parsing vulnerability in Windows DirectWrite library in Windows components
oval:org.secpod.oval:def:24339 CVE-2015-1670, OpenType font parsing vulnerability in Windows DirectWrite library in Windows components
oval:org.secpod.oval:def:24340 CVE-2015-1670,
CVE-2015-1671,
MS15-044,
Vulnerabilities in Microsoft font drivers could allow remote code execution – MS15-044
oval:org.secpod.oval:def:24341 CVE-2015-1671, TrueType font parsing vulnerability in Microsoft Silverlight (Apple Mac OS X)
oval:org.secpod.oval:def:24342 CVE-2015-1671,
MS15-044,
TrueType font parsing vulnerability in Microsoft Silverlight (Apple Mac OS X) – MS15-044
oval:org.secpod.oval:def:501564 CVE-2014-0227,
RHSA-2015:0983-01,
RHSA-2015:0983-01 — Redhat tomcat, tomcat-servlet-3.0-api
oval:org.secpod.oval:def:501565 CVE-2015-0797,
CVE-2015-2708,
CVE-2015-2710,
CVE-2015-2713,
CVE-2015-2716,
RHSA-2015:0988-01,
RHSA-2015:0988-01 — Redhat firefox
oval:org.secpod.oval:def:501568 CVE-2015-3331,
RHSA-2015:0987-01,
RHSA-2015:0987-01 — Redhat kernel, perf
oval:org.secpod.oval:def:501569 CVE-2015-0267,
RHSA-2015:0986-01,
RHSA-2015:0986-01 — Redhat kexec-tools
oval:org.secpod.oval:def:501570 CVE-2014-0227,
RHSA-2015:0991-01,
RHSA-2015:0991-01 — Redhat tomcat6
oval:org.secpod.oval:def:702525 CVE-2015-3339,
USN-2599-1,
USN-2599-1 — linux-image
oval:org.secpod.oval:def:702526 CVE-2015-2666,
CVE-2015-2922,
USN-2587-1,
USN-2587-1 — linux-image
oval:org.secpod.oval:def:702528 CVE-2015-3310,
USN-2595-1,
USN-2595-1 — ppp vulnerability
oval:org.secpod.oval:def:702529 CVE-2015-3339,
USN-2596-1,
USN-2596-1 — linux-image
oval:org.secpod.oval:def:702530 CVE-2015-2150,
CVE-2015-2666,
CVE-2015-2830,
CVE-2015-2922,
USN-2589-1,
USN-2589-1 — linux-image
oval:org.secpod.oval:def:702532 CVE-2015-1322,
USN-2581-1,
USN-2581-1 — networkmanager vulnerability
oval:org.secpod.oval:def:702533 CVE-2015-3339,
USN-2601-1,
USN-2601-1 — linux-image
oval:org.secpod.oval:def:702534 CVE-2015-2922,
USN-2585-1,
USN-2585-1 — linux-image
oval:org.secpod.oval:def:702535 CVE-2015-3339,
USN-2583-1,
USN-2583-1 — linux-image
oval:org.secpod.oval:def:702536 CVE-2015-2666,
CVE-2015-2922,
USN-2588-1,
USN-2588-1 — linux-image
oval:org.secpod.oval:def:702537 CVE-2015-3339,
USN-2600-1,
USN-2600-1 — linux-image
oval:org.secpod.oval:def:702538 CVE-2015-3339,
USN-2598-1,
USN-2598-1 — linux-image
oval:org.secpod.oval:def:702540 CVE-2015-3294,
USN-2593-1,
USN-2593-1 — dnsmasq vulnerability
oval:org.secpod.oval:def:702541 CVE-2015-2922,
USN-2586-1,
USN-2586-1 — linux-image
oval:org.secpod.oval:def:702542 CVE-2015-2170,
CVE-2015-2221,
CVE-2015-2222,
CVE-2015-2305,
CVE-2015-2668,
USN-2594-1,
USN-2594-1 — clamav vulnerabilities
oval:org.secpod.oval:def:702544 CVE-2015-3339,
USN-2584-1,
USN-2584-1 — linux-image
oval:org.secpod.oval:def:24344 CVE-2015-3143,
CVE-2015-3144,
CVE-2015-3145,
CVE-2015-3148,
CVE-2015-3153,
USN-2591-1,
USN-2591-1 — curl vulnerabilities
oval:org.secpod.oval:def:24346 CVE-2015-3339,
USN-2597-1,
USN-2597-1 — linux-image
oval:org.secpod.oval:def:24343 CVE-2015-2150,
CVE-2015-2666,
CVE-2015-2830,
CVE-2015-2922,
USN-2590-1,
USN-2590-1 — linux-image
oval:org.secpod.oval:def:24345 CVE-2015-3451,
USN-2592-1,
USN-2592-1 — xml::libxml vulnerability
oval:org.secpod.oval:def:702548 CVE-2015-1243,
CVE-2015-1250,
USN-2582-1,
USN-2582-1 — oxide vulnerabilities
oval:org.secpod.oval:def:702549 CVE-2015-2708,
CVE-2015-2709,
CVE-2015-2710,
CVE-2015-2711,
CVE-2015-2712,
CVE-2015-2713,
CVE-2015-2715,
CVE-2015-2716,
CVE-2015-2717,
CVE-2015-2718,
USN-2602-1,
USN-2602-1 — firefox vulnerabilities
oval:org.secpod.oval:def:702550 USN-2597-2, USN-2597-2 — linux-image
oval:org.secpod.oval:def:702551 USN-2606-1, USN-2606-1 — openssl update
oval:org.secpod.oval:def:702552 CVE-2015-3406,
CVE-2015-3407,
CVE-2015-3408,
CVE-2015-3409,
USN-2607-1,
USN-2607-1 — module::signature vulnerabilities
oval:org.secpod.oval:def:702553 USN-2599-2, USN-2599-2 — linux-image
oval:org.secpod.oval:def:702554 CVE-2014-8146,
CVE-2014-8147,
USN-2605-1,
USN-2605-1 — icu vulnerabilities
oval:org.secpod.oval:def:702555 CVE-2015-3622,
USN-2604-1,
USN-2604-1 — libtasn1 vulnerability
oval:org.secpod.oval:def:702556 USN-2600-2, USN-2600-2 — linux-image
oval:org.secpod.oval:def:702558 USN-2598-2, USN-2598-2 — linux-image