SCAP Feed Release : 06-Jun-2017

  • Post author:
  • Reading time:45 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:112438 CVE-2017-7511
FEDORA-2017-690eedcf41		 FEDORA-2017-690eedcf41 — Fedora 25 poppler-0.45.0-3.fc25
oval:org.secpod.oval:def:112439 CVE-2017-6891
FEDORA-2017-c7c3f7ed26		 FEDORA-2017-c7c3f7ed26 — Fedora 25 libtasn1-4.12-1.fc25
oval:org.secpod.oval:def:40673 CVE-2017-9354 Denial of service vulnerability in RGMP dissector in Wireshark via an improper IPv4 address – CVE-2017-9354
oval:org.secpod.oval:def:40674 CVE-2017-9353 Denial of service vulnerability in IPV6 dissector in Wireshark due to improper IPv6 address – CVE-2017-9353
oval:org.secpod.oval:def:40675 CVE-2017-9352 Denial of service vulnerability in Bazaar dissector in Wireshark via a malformed packet trace file
oval:org.secpod.oval:def:40676 CVE-2017-9351 Buffer overflow vulnerability in the DHCP dissector in Wireshark while extracting the Vendor Class Identifier
oval:org.secpod.oval:def:40677 CVE-2017-9350 Denial of service vulnerability in openSAFETY dissector in Wireshark
oval:org.secpod.oval:def:40678 CVE-2017-9349 Denial of service vulnerability in DICOM dissector in Wireshark via a malformed packet trace file
oval:org.secpod.oval:def:40679 CVE-2017-9348 Buffer overflow vulnerability in DOF dissector in Wireshark via a crafted size value
oval:org.secpod.oval:def:40680 CVE-2017-9347 Null pointer dereference vulnerability in ROS dissector in Wireshark via a crafted OID
oval:org.secpod.oval:def:40681 CVE-2017-9346 Denial of service vulnerability in SoulSeek dissector in Wireshark via a malformed packet trace file
oval:org.secpod.oval:def:40682 CVE-2017-9345 Denial of service vulnerability in DNS dissector in Wireshark – CVE-2017-9345
oval:org.secpod.oval:def:40683 CVE-2017-9344 Divide by zero error vulnerability in Bluetooth L2CAP in Wireshark – CVE-2017-9344
oval:org.secpod.oval:def:40684 CVE-2017-9343 Null pointer dereference vulnerability in MSNIP dissector in Wireshark – CVE-2017-9343
oval:org.secpod.oval:def:40685 CVE-2017-5070 Type confusion vulnerability in the V8 in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40686 CVE-2017-5071 Out of bounds read vulnerability in the V8 in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40687 CVE-2017-5072 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40688 CVE-2017-5073 Use after free vulnerability in the print preview in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40689 CVE-2017-5074 Use after free vulnerability in the Apps Bluetooth in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40690 CVE-2017-5075 Information leak vulnerability in the CSP reporting in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40691 CVE-2017-5076 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40692 CVE-2017-5077 Heap buffer overflow vulnerability in the Skia in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40693 CVE-2017-5078 Command injection vulnerability in the mailto handling in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40694 CVE-2017-5079 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40695 CVE-2017-5080 Use after free vulnerability in the credit card autofill in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40696 CVE-2017-5081 Extension verification bypass vulnerability in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40697 CVE-2017-5082 Insufficient hardening vulnerability in the credit card editor in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40698 CVE-2017-5083 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40699 CVE-2017-5085 Inappropriate javascript execution on WebUI pages vulnerability in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40700 CVE-2017-5086 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40701 CVE-2017-5070
CVE-2017-5071
CVE-2017-5072
CVE-2017-5073
CVE-2017-5074
CVE-2017-5075
CVE-2017-5076
CVE-2017-5077
CVE-2017-5078
CVE-2017-5079
CVE-2017-5080
CVE-2017-5081
CVE-2017-5082
CVE-2017-5083
CVE-2017-5085
CVE-2017-5086
VENDORLINK		 Multiple vulnerabilities in Google Chrome via unspecified vectors
oval:org.secpod.oval:def:40702 CVE-2017-9354 Denial of service vulnerability in RGMP dissector in Wireshark via an improper IPv4 address – CVE-2017-9354 (Mac OS X)
oval:org.secpod.oval:def:40703 CVE-2017-9353 Denial of service vulnerability in IPV6 dissector in Wireshark due to improper IPv6 address – CVE-2017-9353 (Mac OS X)
oval:org.secpod.oval:def:40704 CVE-2017-9352 Denial of service vulnerability in Bazaar dissector in Wireshark via a malformed packet trace file (Mac OS X)
oval:org.secpod.oval:def:40705 CVE-2017-9351 Buffer overflow vulnerability in the DHCP dissector in Wireshark while extracting the Vendor Class Identifier (Mac OS X)
oval:org.secpod.oval:def:40706 CVE-2017-9350 Denial of service vulnerability in openSAFETY dissector in Wireshark (Mac OS X)
oval:org.secpod.oval:def:40707 CVE-2017-9349 Denial of service vulnerability in DICOM dissector in Wireshark via a malformed packet trace file (Mac OS X)
oval:org.secpod.oval:def:40708 CVE-2017-9348 Buffer overflow vulnerability in DOF dissector in Wireshark via a crafted size value (Mac OS X)
oval:org.secpod.oval:def:40709 CVE-2017-9347 Null pointer dereference vulnerability in ROS dissector in Wireshark via a crafted OID (Mac OS X)
oval:org.secpod.oval:def:40710 CVE-2017-9346 Denial of service vulnerability in SoulSeek dissector in Wireshark via a malformed packet trace file (Mac OS X)
oval:org.secpod.oval:def:40711 CVE-2017-9345 Denial of service vulnerability in DNS dissector in Wireshark – CVE-2017-9345 (Mac OS X)
oval:org.secpod.oval:def:40712 CVE-2017-9344 Divide by zero error vulnerability in Bluetooth L2CAP in Wireshark – CVE-2017-9344 (Mac OS X)
oval:org.secpod.oval:def:40713 CVE-2017-9343 Null pointer dereference vulnerability in MSNIP dissector in Wireshark – CVE-2017-9343 (Mac OS X)
oval:org.secpod.oval:def:40714 CVE-2017-5070 Type confusion vulnerability in the V8 in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40715 CVE-2017-5071 Out of bounds read vulnerability in the V8 in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40716 CVE-2017-5072 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40717 CVE-2017-5073 Use after free vulnerability in the print preview in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40718 CVE-2017-5074 Use after free vulnerability in the Apps Bluetooth in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40719 CVE-2017-5075 Information disclosure vulnerability in the CSP reporting in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40720 CVE-2017-5076 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40721 CVE-2017-5077 Heap buffer overflow vulnerability in the Skia in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40722 CVE-2017-5078 Command injection vulnerability in the mailto handling in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40723 CVE-2017-5079 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40724 CVE-2017-5080 Use after free vulnerability in the credit card autofill in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40725 CVE-2017-5081 Extension verification bypass vulnerability in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40726 CVE-2017-5082 Insufficient hardening vulnerability in the credit card editor in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40727 CVE-2017-5083 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40728 CVE-2017-5085 Inappropriate javascript execution on WebUI pages vulnerability in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40729 CVE-2017-5086 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40730 CVE-2017-5070
CVE-2017-5071
CVE-2017-5072
CVE-2017-5073
CVE-2017-5074
CVE-2017-5075
CVE-2017-5076
CVE-2017-5077
CVE-2017-5078
CVE-2017-5079
CVE-2017-5080
CVE-2017-5081
CVE-2017-5082
CVE-2017-5083
CVE-2017-5085
CVE-2017-5086
VENDORLINK		 Inappropriate javascript execution on WebUI pages vulnerability in Google Chrome via unspecified vectors (Mac OS X)
oval:org.secpod.oval:def:40731 CVE-2017-5070 Type confusion vulnerability in the V8 in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40732 CVE-2017-5070 Type confusion vulnerability in the V8 in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40733 CVE-2017-5071 Out of bounds read vulnerability in the V8 in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40734 CVE-2017-5071 Out of bounds read vulnerability in the V8 in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40735 CVE-2017-5072 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40736 CVE-2017-5072 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40737 CVE-2017-5073 Use after free vulnerability in the print preview in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40738 CVE-2017-5073 Use after free vulnerability in the print preview in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40739 CVE-2017-5074 Use after free vulnerability in the Apps Bluetooth in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40740 CVE-2017-5074 Use after free vulnerability in the Apps Bluetooth in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40741 CVE-2017-5075 Information disclosure vulnerability in the CSP reporting in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40742 CVE-2017-5075 Information disclosure vulnerability in the CSP reporting in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40743 CVE-2017-5076 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40744 CVE-2017-5076 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40745 CVE-2017-5077 Heap buffer overflow vulnerability in the Skia in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40746 CVE-2017-5077 Heap buffer overflow vulnerability in the Skia in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40747 CVE-2017-5078 Command injection vulnerability in the mailto handling in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40748 CVE-2017-5078 Command injection vulnerability in the mailto handling in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40749 CVE-2017-5079 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40750 CVE-2017-5079 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40751 CVE-2017-5080 Use after free vulnerability in the credit card autofill in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40752 CVE-2017-5080 Use after free vulnerability in the credit card autofill in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40753 CVE-2017-5081 Extension verification bypass vulnerability in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40754 CVE-2017-5081 Extension verification bypass vulnerability in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40755 CVE-2017-5082 Insufficient hardening vulnerability in the credit card editor in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40756 CVE-2017-5082 Insufficient hardening vulnerability in the credit card editor in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40757 CVE-2017-5083 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40758 CVE-2017-5083 UI spoofing vulnerability in the Blink in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40759 CVE-2017-5085 Inappropriate javascript execution on WebUI pages vulnerability in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40760 CVE-2017-5085 Inappropriate javascript execution on WebUI pages vulnerability in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40761 CVE-2017-5086 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40762 CVE-2017-5086 Address spoofing vulnerability in the Omnibox in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:40763 CVE-2017-5070
CVE-2017-5071
CVE-2017-5072
CVE-2017-5073
CVE-2017-5074
CVE-2017-5075
CVE-2017-5076
CVE-2017-5077
CVE-2017-5078
CVE-2017-5079
CVE-2017-5080
CVE-2017-5081
CVE-2017-5082
CVE-2017-5083
CVE-2017-5085
CVE-2017-5086
VENDORLINK		 Multiple vulnerabilities in Google Chrome via unspecified vectors (rpm)
oval:org.secpod.oval:def:40764 CVE-2017-5070
CVE-2017-5071
CVE-2017-5072
CVE-2017-5073
CVE-2017-5074
CVE-2017-5075
CVE-2017-5076
CVE-2017-5077
CVE-2017-5078
CVE-2017-5079
CVE-2017-5080
CVE-2017-5081
CVE-2017-5082
CVE-2017-5083
CVE-2017-5085
CVE-2017-5086
VENDORLINK		 Multiple vulnerabilities in Google Chrome via unspecified vectors (dpkg)
oval:org.secpod.oval:def:602923 CVE-2017-6512
DSA-3873-1		 DSA-3873-1 perl — perl
oval:org.secpod.oval:def:703639 CVE-2017-6891
USN-3309-1		 USN-3309-1 — libtasn1 vulnerability
oval:org.secpod.oval:def:703640 CVE-2014-3248
CVE-2017-2295
USN-3308-1		 USN-3308-1 — puppet vulnerabilities
Tags: