SCAP Feed Release: 25-Apr-2016

  • Post author:
  • Reading time:60 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:34009 CVE-2016-2563, Stack-based buffer overflow vulnerability in the SCP command-line utility in PuTTY
oval:org.secpod.oval:def:34010 CVE-2016-3941, Buffer overflow vulnerability in VideoLAN vlc media player via a crafted wav file (Mac OS X)
oval:org.secpod.oval:def:34039 CVE-2016-1006, ASLR bypass vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1006 (Mac)
oval:org.secpod.oval:def:34040 CVE-2016-1011, Use-after-free vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1011 (Mac)
oval:org.secpod.oval:def:34041 CVE-2016-1012, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1012 (Mac)
oval:org.secpod.oval:def:34042 CVE-2016-1013, Use-after-free vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1013 (Mac)
oval:org.secpod.oval:def:34043 CVE-2016-1014, Untrusted search path vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1014 (Mac)
oval:org.secpod.oval:def:34044 CVE-2016-1015, Type confusion vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1015 (Mac)
oval:org.secpod.oval:def:34045 CVE-2016-1016, Use-after-free vulnerability in Adobe Flash Player and Adobe AIR via a flash.geom.Matrix callback (Mac)
oval:org.secpod.oval:def:34046 CVE-2016-1017, Use-after-free vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1017 (Mac)
oval:org.secpod.oval:def:34047 CVE-2016-1018, Stack-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR via crafted JPEG-XR data (Mac)
oval:org.secpod.oval:def:34048 CVE-2016-1020, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1020 (Mac)
oval:org.secpod.oval:def:34049 CVE-2016-1021, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1021 (Mac)
oval:org.secpod.oval:def:34050 CVE-2016-1022, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1022 (Mac)
oval:org.secpod.oval:def:34051 CVE-2016-1023, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1023 (Mac)
oval:org.secpod.oval:def:34052 CVE-2016-1024, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1024 (Mac)
oval:org.secpod.oval:def:34053 CVE-2016-1025, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1025 (Mac)
oval:org.secpod.oval:def:34054 CVE-2016-1026, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1026 (Mac)
oval:org.secpod.oval:def:34055 CVE-2016-1027, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1027 (Mac)
oval:org.secpod.oval:def:34056 CVE-2016-1028, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1028 (Mac)
oval:org.secpod.oval:def:34057 CVE-2016-1029, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1029 (Mac)
oval:org.secpod.oval:def:34058 CVE-2016-1030, Security bypass vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1030 (Mac)
oval:org.secpod.oval:def:34059 CVE-2016-1031, Use-after-free vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1031 (Mac)
oval:org.secpod.oval:def:34060 CVE-2016-1032, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1032 (Mac)
oval:org.secpod.oval:def:34061 CVE-2016-1033, Denial of service vulnerability in Adobe Flash Player and Adobe AIR – CVE-2016-1033 (Mac)
oval:org.secpod.oval:def:34038 APSB16-10,
CVE-2016-1006,
CVE-2016-1011,
CVE-2016-1012,
CVE-2016-1013,
CVE-2016-1014,
CVE-2016-1015,
CVE-2016-1016,
CVE-2016-1017,
CVE-2016-1018,
CVE-2016-1019,
CVE-2016-1020,
CVE-2016-1021,
CVE-2016-1022,
CVE-2016-1023,
CVE-2016-1024,
CVE-2016-1025,
CVE-2016-1026,
CVE-2016-1027,
CVE-2016-1028,
CVE-2016-1029,
CVE-2016-1030,
CVE-2016-1031,
CVE-2016-1032,
CVE-2016-1033,
Multiple vulnerabilities in Adobe Flash Player and Adobe AIR – APSB16-10 (Mac)
oval:org.secpod.oval:def:34066 CVE-2016-1006, ASLR bypass vulnerability in Adobe Flash Player via JIT data (dpkg)
oval:org.secpod.oval:def:34067 CVE-2016-1011, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors (dpkg)
oval:org.secpod.oval:def:34068 CVE-2016-1012, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1012 (dpkg)
oval:org.secpod.oval:def:34069 CVE-2016-1013, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1013 (dpkg)
oval:org.secpod.oval:def:34070 CVE-2016-1014, Untrusted search path vulnerability in Adobe Flash Player via a Trojan horse resource (dpkg)
oval:org.secpod.oval:def:34071 CVE-2016-1015, Type confusion vulnerability in Adobe Flash Player – CVE-2016-1015 (dpkg)
oval:org.secpod.oval:def:34072 CVE-2016-1016, Use-after-free vulnerability in Adobe Flash Player via a flash.geom.Matrix callback (dpkg)
oval:org.secpod.oval:def:34073 CVE-2016-1017, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1017 (dpkg)
oval:org.secpod.oval:def:34074 CVE-2016-1018, Stack-based buffer overflow vulnerability in Adobe Flash Player via crafted JPEG-XR data (dpkg)
oval:org.secpod.oval:def:34075 CVE-2016-1019, Stack-based buffer overflow vulnerability in Adobe Flash Player – CVE-2016-1019 (dpkg)
oval:org.secpod.oval:def:34076 CVE-2016-1020, Denial of service vulnerability in Adobe Flash Player via unspecified vectors (dpkg)
oval:org.secpod.oval:def:34077 CVE-2016-1021, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1021 (dpkg)
oval:org.secpod.oval:def:34078 CVE-2016-1022, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1022 (dpkg)
oval:org.secpod.oval:def:34079 CVE-2016-1023, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1023 (dpkg)
oval:org.secpod.oval:def:34080 CVE-2016-1024, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1024 (dpkg)
oval:org.secpod.oval:def:34081 CVE-2016-1025, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1025 (dpkg)
oval:org.secpod.oval:def:34082 CVE-2016-1026, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1026 (dpkg)
oval:org.secpod.oval:def:34083 CVE-2016-1027, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1027 (dpkg)
oval:org.secpod.oval:def:34084 CVE-2016-1028, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1028 (dpkg)
oval:org.secpod.oval:def:34085 CVE-2016-1029, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1029 (dpkg)
oval:org.secpod.oval:def:34086 CVE-2016-1030, Security bypass vulnerability in Adobe Flash Player via unspecified vectors (dpkg)
oval:org.secpod.oval:def:34087 CVE-2016-1031, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1031 (dpkg)
oval:org.secpod.oval:def:34088 CVE-2016-1032, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1032 (dpkg)
oval:org.secpod.oval:def:34089 CVE-2016-1033, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1033 (dpkg)
oval:org.secpod.oval:def:34090 CVE-2016-1006, ASLR bypass vulnerability in Adobe Flash Player via JIT data (rpm)
oval:org.secpod.oval:def:34091 CVE-2016-1011, Use-after-free vulnerability in Adobe Flash Player via unspecified vectors (rpm)
oval:org.secpod.oval:def:34092 CVE-2016-1012, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1012 (rpm)
oval:org.secpod.oval:def:34093 CVE-2016-1013, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1013 (rpm)
oval:org.secpod.oval:def:34094 CVE-2016-1014, Untrusted search path vulnerability in Adobe Flash Player via a Trojan horse resource (rpm)
oval:org.secpod.oval:def:34095 CVE-2016-1015, Type confusion vulnerability in Adobe Flash Player – CVE-2016-1015 (rpm)
oval:org.secpod.oval:def:34096 CVE-2016-1016, Use-after-free vulnerability in Adobe Flash Player via a flash.geom.Matrix callback (rpm)
oval:org.secpod.oval:def:34097 CVE-2016-1017, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1017 (rpm)
oval:org.secpod.oval:def:34098 CVE-2016-1018, Stack-based buffer overflow vulnerability in Adobe Flash Player via crafted JPEG-XR data (rpm)
oval:org.secpod.oval:def:34099 CVE-2016-1019, Stack-based buffer overflow vulnerability in Adobe Flash Player – CVE-2016-1019 (rpm)
oval:org.secpod.oval:def:34100 CVE-2016-1020, Denial of service vulnerability in Adobe Flash Player via unspecified vectors (rpm)
oval:org.secpod.oval:def:34101 CVE-2016-1021, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1021 (rpm)
oval:org.secpod.oval:def:34102 CVE-2016-1022, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1022 (rpm)
oval:org.secpod.oval:def:34103 CVE-2016-1023, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1023 (rpm)
oval:org.secpod.oval:def:34104 CVE-2016-1024, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1024 (rpm)
oval:org.secpod.oval:def:34105 CVE-2016-1025, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1025 (rpm)
oval:org.secpod.oval:def:34106 CVE-2016-1026, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1026 (rpm)
oval:org.secpod.oval:def:34107 CVE-2016-1027, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1027 (rpm)
oval:org.secpod.oval:def:34108 CVE-2016-1028, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1028 (rpm)
oval:org.secpod.oval:def:34109 CVE-2016-1029, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1029 (rpm)
oval:org.secpod.oval:def:34110 CVE-2016-1030, Security bypass vulnerability in Adobe Flash Player via unspecified vectors (rpm)
oval:org.secpod.oval:def:34111 CVE-2016-1031, Use-after-free vulnerability in Adobe Flash Player – CVE-2016-1031 (rpm)
oval:org.secpod.oval:def:34112 CVE-2016-1032, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1032 (rpm)
oval:org.secpod.oval:def:34113 CVE-2016-1033, Denial of service vulnerability in Adobe Flash Player – CVE-2016-1033 (rpm)
oval:org.secpod.oval:def:34063 APSA16-01,
CVE-2016-1019,
Security bypass vulnerability in Adobe Flash Player – APSA16-01 (dpkg)
oval:org.secpod.oval:def:34065 APSA16-01,
CVE-2016-1019,
Security bypass vulnerability in Adobe Flash Player – APSA16-01 (rpm)
oval:org.secpod.oval:def:34064 APSB16-10,
CVE-2016-1006,
CVE-2016-1011,
CVE-2016-1012,
CVE-2016-1013,
CVE-2016-1014,
CVE-2016-1015,
CVE-2016-1016,
CVE-2016-1017,
CVE-2016-1018,
CVE-2016-1019,
CVE-2016-1020,
CVE-2016-1021,
CVE-2016-1022,
CVE-2016-1023,
CVE-2016-1024,
CVE-2016-1025,
CVE-2016-1026,
CVE-2016-1027,
CVE-2016-1028,
CVE-2016-1029,
CVE-2016-1030,
CVE-2016-1031,
CVE-2016-1032,
CVE-2016-1033,
Multiple vulnerabilities in Adobe Flash Player – APSB16-10 (rpm)
oval:org.secpod.oval:def:34062 APSB16-10,
CVE-2016-1006,
CVE-2016-1011,
CVE-2016-1012,
CVE-2016-1013,
CVE-2016-1014,
CVE-2016-1015,
CVE-2016-1016,
CVE-2016-1017,
CVE-2016-1018,
CVE-2016-1019,
CVE-2016-1020,
CVE-2016-1021,
CVE-2016-1022,
CVE-2016-1023,
CVE-2016-1024,
CVE-2016-1025,
CVE-2016-1026,
CVE-2016-1027,
CVE-2016-1028,
CVE-2016-1029,
CVE-2016-1030,
CVE-2016-1031,
CVE-2016-1032,
CVE-2016-1033,
Multiple vulnerabilities in Adobe Flash Player – APSB16-10 (dpkg)
oval:org.secpod.oval:def:34122 CVE-2016-3443, Unspecified vulnerability in Oracle Java via vectors related to 2D – CVE-2016-3443
oval:org.secpod.oval:def:34121 CVE-2016-0687, Unspecified vulnerability in Oracle Java via vectors related to the Hotspot sub-component
oval:org.secpod.oval:def:34120 CVE-2016-0686, Unspecified vulnerability in Oracle Java via vectors related to Serialization
oval:org.secpod.oval:def:34119 CVE-2016-3427, Unspecified vulnerability in Oracle Java via vectors related to JMX
oval:org.secpod.oval:def:34118 CVE-2016-3449, Unspecified vulnerability in Oracle Java via vectors related to Deployment
oval:org.secpod.oval:def:34117 CVE-2016-0695, Unspecified vulnerability in Oracle Java via vectors related to Security
oval:org.secpod.oval:def:34116 CVE-2016-3425, Unspecified vulnerability in Oracle Java via vectors related to JAXP
oval:org.secpod.oval:def:34115 CVE-2016-3422, Unspecified vulnerability in Oracle Java via vectors related to 2D – CVE-2016-3422
oval:org.secpod.oval:def:34114 CVE-2016-3426, Unspecified vulnerability in Oracle Java via vectors related to JCE
oval:org.secpod.oval:def:203910 CESA-2016:0651,
CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3426,
CVE-2016-3427,
CESA-2016:0651 — centos 6 java-1.8.0-openjdk
oval:org.secpod.oval:def:203911 CESA-2016:0676,
CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3427,
CESA-2016:0676 — centos 7 java-1.7.0-openjdk
oval:org.secpod.oval:def:203912 CESA-2016:0675,
CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3427,
CESA-2016:0675 — centos 6 java-1.7.0-openjdk
oval:org.secpod.oval:def:203913 CESA-2016:0650,
CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3426,
CVE-2016-3427,
CESA-2016:0650 — centos 7 java-1.8.0-openjdk
oval:org.secpod.oval:def:203914 CESA-2016:0676,
CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3427,
CESA-2016:0676 — centos 5 java-1.7.0-openjdk
oval:org.secpod.oval:def:501806 CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3427,
RHSA-2016:0676-01,
RHSA-2016:0676-01 — Redhat java-1.7.0-openjdk
oval:org.secpod.oval:def:501807 CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3426,
CVE-2016-3427,
RHSA-2016:0650-01,
RHSA-2016:0650-01 — Redhat java-1.8.0-openjdk
oval:org.secpod.oval:def:501808 CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3426,
CVE-2016-3427,
RHSA-2016:0651-01,
RHSA-2016:0651-01 — Redhat java-1.8.0-openjdk
oval:org.secpod.oval:def:501809 CVE-2016-0686,
CVE-2016-0687,
CVE-2016-0695,
CVE-2016-3425,
CVE-2016-3427,
RHSA-2016:0675-01,
RHSA-2016:0675-01 — Redhat java-1.7.0-openjdk
oval:org.secpod.oval:def:34014 CVE-2016-1652, Cross-site scripting vulnerability in Extensions subsystem in Google Chrome via a crafted web site, aka &quot
oval:org.secpod.oval:def:34013 CVE-2016-1652, Cross-site scripting vulnerability in Extensions subsystem in Google Chrome via a crafted web site, aka &quot
oval:org.secpod.oval:def:34015 CVE-2016-1653, Out-of-bounds vulnerability in V8 in Google Chrome via a crafted JavaScript code that triggers an out-of-bounds write operation (rpm)
oval:org.secpod.oval:def:34017 CVE-2016-1651, Out-of-bounds vulnerability in Pdfium in Google Chrome via a crafted JPEG 2000 data in a PDF document (rpm)
oval:org.secpod.oval:def:34019 CVE-2016-1654, Denial of service vulnerability in media in Google Chrome via unknown vectors (rpm)
oval:org.secpod.oval:def:34021 CVE-2016-1655, Use-after-free vulnerability in extensions in Google Chrome via a crafted extension (rpm)
oval:org.secpod.oval:def:34023 CVE-2016-1657, Address bar spoofing vulnerability in Google Chrome via a crafted URL (rpm)
oval:org.secpod.oval:def:34025 CVE-2016-1658, Information disclosure vulnerability in Google Chrome via a crafted extension (rpm)
oval:org.secpod.oval:def:34027 CVE-2016-1659, Multiple unspecified vulnerabilities in Google Chrome via unknown vectors (rpm)
oval:org.secpod.oval:def:34016 CVE-2016-1653, Out-of-bounds vulnerability in V8 in Google Chrome via a crafted JavaScript code that triggers an out-of-bounds write operation (dpkg)
oval:org.secpod.oval:def:34018 CVE-2016-1651, Out-of-bounds vulnerability in Pdfium in Google Chrome via a crafted JPEG 2000 data in a PDF document (dpkg)
oval:org.secpod.oval:def:34011 CVE-2016-1651,
CVE-2016-1652,
CVE-2016-1653,
CVE-2016-1654,
CVE-2016-1655,
CVE-2016-1657,
CVE-2016-1658,
CVE-2016-1659,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via a specially crafted data (rpm)
oval:org.secpod.oval:def:34012 CVE-2016-1651,
CVE-2016-1652,
CVE-2016-1653,
CVE-2016-1654,
CVE-2016-1655,
CVE-2016-1657,
CVE-2016-1658,
CVE-2016-1659,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via a specially crafted data (dpkg)
oval:org.secpod.oval:def:34020 CVE-2016-1654, Denial of service vulnerability in media in Google Chrome via unknown vectors (dpkg)
oval:org.secpod.oval:def:34022 CVE-2016-1655, Use-after-free vulnerability in extensions in Google Chrome via a crafted extension (dpkg)
oval:org.secpod.oval:def:34024 CVE-2016-1657, Address bar spoofing vulnerability in Google Chrome via a crafted URL (dpkg)
oval:org.secpod.oval:def:34026 CVE-2016-1658, Information disclosure vulnerability in Google Chrome via a crafted extension (dpkg)
oval:org.secpod.oval:def:34028 CVE-2016-1659, Multiple unspecified vulnerabilities in Google Chrome via unknown vectors (dpkg)
oval:org.secpod.oval:def:34030 CVE-2016-1652, Cross-site scripting vulnerability in Extensions subsystem in Google Chrome via a crafted web site, aka &quot
oval:org.secpod.oval:def:34029 CVE-2016-1651,
CVE-2016-1652,
CVE-2016-1653,
CVE-2016-1654,
CVE-2016-1655,
CVE-2016-1657,
CVE-2016-1658,
CVE-2016-1659,
VENDORLINK,
Multiple vulnerabilities in Google Chrome via a specially crafted data (Mac OS X)
oval:org.secpod.oval:def:34031 CVE-2016-1653, Out-of-bounds vulnerability in V8 in Google Chrome via a crafted JavaScript code that triggers an out-of-bounds write operation (Mac OS X)
oval:org.secpod.oval:def:34032 CVE-2016-1651, Out-of-bounds vulnerability in Pdfium in Google Chrome via a crafted JPEG 2000 data in a PDF document (Mac OS X)
oval:org.secpod.oval:def:34033 CVE-2016-1654, Denial of service vulnerability in media in Google Chrome via unknown vectors (Mac OS X)
oval:org.secpod.oval:def:34034 CVE-2016-1655, Use-after-free vulnerability in extensions in Google Chrome via a crafted extension (Mac OS X)
oval:org.secpod.oval:def:34035 CVE-2016-1657, Address bar spoofing vulnerability in Google Chrome via a crafted URL (Mac OS X)
oval:org.secpod.oval:def:34036 CVE-2016-1658, Information disclosure vulnerability in Google Chrome via a crafted extension (Mac OS X)
oval:org.secpod.oval:def:34037 CVE-2016-1659, Multiple unspecified vulnerabilities in Google Chrome via unknown vectors (Mac OS X)