SCAP Feed Release : 21-Sep-2016

  • Post author:
  • Reading time:58 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update.

oval:org.secpod.oval:def:37218 CVE-2016-4256 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4256
oval:org.secpod.oval:def:37219 CVE-2016-4257 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4257
oval:org.secpod.oval:def:37220 CVE-2016-4258 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4258
oval:org.secpod.oval:def:37221 CVE-2016-4259 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4259
oval:org.secpod.oval:def:37222 CVE-2016-4260 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4260
oval:org.secpod.oval:def:37223 CVE-2016-4261 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4261
oval:org.secpod.oval:def:37224 CVE-2016-4262 Memory corruption vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4262
oval:org.secpod.oval:def:37225 CVE-2016-4263 Use-after-free vulnerability in Adobe Digital Editions via unspecified vectors – CVE-2016-4263
oval:org.secpod.oval:def:37226 APSB16-28
CVE-2016-4256
CVE-2016-4257
CVE-2016-4258
CVE-2016-4259
CVE-2016-4260
CVE-2016-4261
CVE-2016-4262
CVE-2016-4263
Multiple vulnerabilities in Adobe Digital Editions via unspecified vectors – APSB16-28
oval:org.secpod.oval:def:37238 CVE-2016-4728 Arbitrary code execution vulnerability in the WebKit in Apple iTunes – CVE-2016-4728
oval:org.secpod.oval:def:37229 CVE-2016-4763 Privilege escalation vulnerability in the WebKit in Apple iTunes – CVE-2016-4763
oval:org.secpod.oval:def:37228 CVE-2016-4769 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4769
oval:org.secpod.oval:def:37227 APPLE-SA-2016-09-20-7
CVE-2016-4728
CVE-2016-4758
CVE-2016-4759
CVE-2016-4760
CVE-2016-4762
CVE-2016-4763
CVE-2016-4765
CVE-2016-4766
CVE-2016-4767
CVE-2016-4768
CVE-2016-4769
Multiple vulnerabilities in Apple iTunes – APPLE-SA-2016-09-20-7
oval:org.secpod.oval:def:37237 CVE-2016-4758 Information disclosure vulnerability in the WebKit in Apple iTunes – CVE-2016-4758
oval:org.secpod.oval:def:37236 CVE-2016-4759 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4759
oval:org.secpod.oval:def:37235 CVE-2016-4762 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4762
oval:org.secpod.oval:def:37234 CVE-2016-4766 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4766
oval:org.secpod.oval:def:37233 CVE-2016-4767 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4767
oval:org.secpod.oval:def:37232 CVE-2016-4768 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4768
oval:org.secpod.oval:def:37231 CVE-2016-4760 Privilege escalation vulnerability in the WebKit in Apple iTunes – CVE-2016-4760
oval:org.secpod.oval:def:37230 CVE-2016-4765 Memory corruption vulnerability in the WebKit in Apple iTunes – CVE-2016-4765
oval:org.secpod.oval:def:37239 CVE-2016-6662 Privilege escalation vulnerability in MariaDB by abusing MySQL logging functions
oval:org.secpod.oval:def:37271 CVE-2016-5279 Information disclosure vulnerability in Mozilla Firefox while using drag and drop
oval:org.secpod.oval:def:37272 CVE-2016-5280 Use-after-free vulnerability in mozilla::nsTextNodeDirectionalityMap:: RemoveElementFromMap in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37273 CVE-2016-5281 Use-after-free vulnerability in DOMSVGLength in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37274 CVE-2016-5282 Privilege escalation vulnerability in Mozilla Firefox while requesting favicons from non-whitelisted schemes
oval:org.secpod.oval:def:37275 CVE-2016-5283 Cross origin data disclosure vulnerability in Mozilla Firefox via fragment timing attack
oval:org.secpod.oval:def:37276 CVE-2016-5284 Malicious add-on injection vulnerability in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37277 CVE-2016-5256 Memory corruption vulnerability in Mozilla Firefox – CVE-2016-5256
oval:org.secpod.oval:def:37280 CVE-2016-5250 Information disclosure vulnerability in Resource Timing API in Mozilla Firefox ESR
oval:org.secpod.oval:def:37281 CVE-2016-5261 Integer overflow vulnerability in WebSocketChannel in Mozilla Firefox ESR
oval:org.secpod.oval:def:37279 CVE-2016-5257 Memory corruption vulnerability in Mozilla Firefox or Firefox ESR – CVE-2016-5257
oval:org.secpod.oval:def:37282 CVE-2016-2827
CVE-2016-5256
CVE-2016-5257
CVE-2016-5270
CVE-2016-5271
CVE-2016-5272
CVE-2016-5273
CVE-2016-5274
CVE-2016-5275
CVE-2016-5276
CVE-2016-5277
CVE-2016-5278
CVE-2016-5279
CVE-2016-5280
CVE-2016-5281
CVE-2016-5282
CVE-2016-5283
CVE-2016-5284
MFSA2016-85
Multiple vulnerabilities in Mozilla Firefox – MFSA2016-85
oval:org.secpod.oval:def:37283 CVE-2016-5250
CVE-2016-5257
CVE-2016-5261
CVE-2016-5270
CVE-2016-5272
CVE-2016-5274
CVE-2016-5276
CVE-2016-5277
CVE-2016-5278
CVE-2016-5280
CVE-2016-5281
CVE-2016-5284
MFSA2016-86
Multiple vulnerabilities in Mozilla Firefox ESR – MFSA2016-86
oval:org.secpod.oval:def:37278 CVE-2016-5275 Global buffer overflow vulnerability in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions in Mozilla Firefox
oval:org.secpod.oval:def:37263 CVE-2016-5270 Heap based buffer overflow vulnerability in nsCaseTransformTextRunFactory::TransformString in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37264 CVE-2016-5271 Out-of-bounds vulnerability in PropertyProvider::GetSpacingInternal in Mozilla Firefox
oval:org.secpod.oval:def:37262 CVE-2016-2827 Out-of-bounds read vulnerability in mozilla::net::IsValidReferrerPolicy in Mozilla Firefox
oval:org.secpod.oval:def:37265 CVE-2016-5272 Denial of service vulnerability in Mozilla Firefox and Firefox ESR due to a bad cast in nsImageGeometryMixin
oval:org.secpod.oval:def:37266 CVE-2016-5273 Denial of service vulnerability in mozilla::a11y::HyperTextAccessible::GetChildOffset in Mozilla Firefox
oval:org.secpod.oval:def:37267 CVE-2016-5276 Heap-use-after-free vulnerability in mozilla::a11y::DocAccessible::ProcessInvalidationList in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37268 CVE-2016-5274 Use-after-free vulnerability in web animations in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37269 CVE-2016-5277 Heap-use-after-free vulnerability in nsRefreshDriver::Tick in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:37270 CVE-2016-5278 Heap-buffer-overflow vulnerability in nsBMPEncoder::AddImageFrame in Mozilla Firefox and Firefox ESR
oval:org.secpod.oval:def:703262 CVE-2014-3589
CVE-2016-0775
CVE-2016-2533
USN-3080-1
USN-3080-1 — python imaging library vulnerabilities
oval:org.secpod.oval:def:703263 CVE-2016-1854
CVE-2016-1856
CVE-2016-1857
CVE-2016-1858
CVE-2016-1859
CVE-2016-4583
CVE-2016-4585
CVE-2016-4586
CVE-2016-4588
CVE-2016-4589
CVE-2016-4590
CVE-2016-4591
CVE-2016-4622
CVE-2016-4623
CVE-2016-4624
CVE-2016-4651
USN-3079-1
USN-3079-1 — webkitgtk+ vulnerabilities
oval:org.secpod.oval:def:703264 CVE-2016-5141
CVE-2016-5142
CVE-2016-5143
CVE-2016-5144
CVE-2016-5145
CVE-2016-5146
CVE-2016-5147
CVE-2016-5148
CVE-2016-5150
CVE-2016-5153
CVE-2016-5155
CVE-2016-5156
CVE-2016-5161
CVE-2016-5164
CVE-2016-5165
CVE-2016-5167
USN-3058-1
USN-3058-1 — oxide vulnerabilities
oval:org.secpod.oval:def:204000 CESA-2016:1850
CVE-2015-8920
CVE-2015-8921
CVE-2015-8932
CVE-2016-4809
CVE-2016-5418
CVE-2016-5844
CVE-2016-7166
CESA-2016:1850 — centos 6 libarchive
oval:org.secpod.oval:def:204001 CESA-2016:1844
CVE-2015-8916
CVE-2015-8917
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8934
CVE-2016-1541
CVE-2016-4300
CVE-2016-4302
CVE-2016-4809
CVE-2016-5418
CVE-2016-5844
CVE-2016-6250
CVE-2016-7166
CESA-2016:1844 — centos 7 libarchive
oval:org.secpod.oval:def:111311 CVE-2016-6313
FEDORA-2016-3a0195918f
FEDORA-2016-3a0195918f — Fedora 23 gnupg-1.4.21-1.fc23
oval:org.secpod.oval:def:111312 FEDORA-2016-e77b6d963a FEDORA-2016-e77b6d963a — Fedora 24 thunderbird-45.3.0-1.fc24
oval:org.secpod.oval:def:111313 FEDORA-2016-e1589894e8 FEDORA-2016-e1589894e8 — Fedora 24 gnutls-3.4.15-1.fc24
oval:org.secpod.oval:def:111314 CVE-2016-7167
FEDORA-2016-7a2ed52d41
FEDORA-2016-7a2ed52d41 — Fedora 24 curl-7.47.1-8.fc24
oval:org.secpod.oval:def:111315 FEDORA-2016-0bdf82500f FEDORA-2016-0bdf82500f — Fedora 24 GraphicsMagick-1.3.25-1.fc24
oval:org.secpod.oval:def:111316 CVE-2016-7092
CVE-2016-7093
CVE-2016-7094
FEDORA-2016-7d2c67d1f5
FEDORA-2016-7d2c67d1f5 — Fedora 24 xen-4.6.3-5.fc24
oval:org.secpod.oval:def:111317 FEDORA-2016-2edb9adec8 FEDORA-2016-2edb9adec8 — Fedora 23 gnutls-3.4.15-1.fc23
oval:org.secpod.oval:def:111318 FEDORA-2016-06e4de8210 FEDORA-2016-06e4de8210 — Fedora 23 phpMyAdmin-4.6.4-2.fc23
oval:org.secpod.oval:def:111319 CVE-2016-7163
FEDORA-2016-27d3b7742f
FEDORA-2016-27d3b7742f — Fedora 24 openjpeg2-2.1.1-3.fc24
oval:org.secpod.oval:def:111320 CVE-2015-5203
FEDORA-2016-5a7e745a56
FEDORA-2016-5a7e745a56 — Fedora 24 jasper-1.900.1-34.fc24
oval:org.secpod.oval:def:111321 CVE-2016-5170
CVE-2016-5171
CVE-2016-5172
CVE-2016-5173
CVE-2016-5174
CVE-2016-5175
FEDORA-2016-b15185b72a
FEDORA-2016-b15185b72a — Fedora 24 chromium-53.0.2785.113-1.fc24
oval:org.secpod.oval:def:111322 FEDORA-2016-b3f93ead5b FEDORA-2016-b3f93ead5b — Fedora 24 moin-1.9.8-1.fc24
oval:org.secpod.oval:def:111324 CVE-2016-4855
FEDORA-2016-7d6ca385a4
FEDORA-2016-7d6ca385a4 — Fedora 23 php-adodb-5.15-10.fc23
oval:org.secpod.oval:def:111326 CVE-2016-7163
FEDORA-2016-231f53426b
FEDORA-2016-231f53426b — Fedora 23 openjpeg2-2.1.1-3.fc23
oval:org.secpod.oval:def:111327 CVE-2016-6299
FEDORA-2016-145afea99e
FEDORA-2016-145afea99e — Fedora 24 mock-1.2.21-1.fc24
oval:org.secpod.oval:def:111329 FEDORA-2016-390ec4a8f3 FEDORA-2016-390ec4a8f3 — Fedora 23 GraphicsMagick-1.3.25-1.fc23
oval:org.secpod.oval:def:111330 CVE-2016-6299
FEDORA-2016-145afea99e
FEDORA-2016-145afea99e — Fedora 24 distribution-gpg-keys-1.7-1.fc24
oval:org.secpod.oval:def:111332 CVE-2016-7163
FEDORA-2016-adb346980c
FEDORA-2016-adb346980c — Fedora 23 mingw-openjpeg2-2.1.1-3.fc23
oval:org.secpod.oval:def:111333 CVE-2016-4855
FEDORA-2016-fed6f8c57d
FEDORA-2016-fed6f8c57d — Fedora 24 php-adodb-5.15-10.fc24
oval:org.secpod.oval:def:111334 CVE-2016-7163
FEDORA-2016-2eac99579c
FEDORA-2016-2eac99579c — Fedora 24 mingw-openjpeg2-2.1.1-3.fc24
oval:org.secpod.oval:def:1600447 ALAS-2016-744
CVE-2016-6313
ALAS-2016-744 —- libgcrypt gnupg
oval:org.secpod.oval:def:1600448 ALAS-2016-747
CVE-2016-5423
CVE-2016-5424
ALAS-2016-747 —- postgresql92 postgresql93 postgresql94
oval:org.secpod.oval:def:1600449 ALAS-2016-748
CVE-2016-3458
CVE-2016-3500
CVE-2016-3508
CVE-2016-3550
CVE-2016-3606
ALAS-2016-748 —- java-1.6.0-openjdk
oval:org.secpod.oval:def:1600450 ALAS-2016-745
CVE-2016-2775
ALAS-2016-745 —- bind
oval:org.secpod.oval:def:1600451 ALAS-2016-746
CVE-2016-1000212
ALAS-2016-746 —- lighttpd
oval:org.secpod.oval:def:602607 CVE-2016-7143
DSA-3661-1
DSA-3661-1 charybdis — charybdis
oval:org.secpod.oval:def:602608 CVE-2016-7092
CVE-2016-7094
CVE-2016-7154
DSA-3663-1
DSA-3663-1 xen — xen
oval:org.secpod.oval:def:602609 CVE-2016-5426
CVE-2016-5427
CVE-2016-6172
DSA-3664-1
DSA-3664-1 pdns — pdns
oval:org.secpod.oval:def:602610 CVE-2016-7142
DSA-3662-1
DSA-3662-1 inspircd — inspircd
oval:org.secpod.oval:def:602611 CVE-2015-6581
CVE-2015-8871
CVE-2016-1924
CVE-2016-7163
DSA-3665-1
DSA-3665-1 openjpeg2 — openjpeg2
oval:org.secpod.oval:def:602612 CVE-2016-1240
DSA-3669-1
DSA-3669-1 tomcat7 — tomcat7
oval:org.secpod.oval:def:602614 CVE-2016-1240
DSA-3670-1
DSA-3670-1 tomcat8 — tomcat8
oval:org.secpod.oval:def:602615 CVE-2016-6893
DSA-3668-1
DSA-3668-1 mailman — mailman
oval:org.secpod.oval:def:602616 CVE-2016-5170
CVE-2016-5171
CVE-2016-5172
CVE-2016-5173
CVE-2016-5174
CVE-2016-5175
CVE-2016-7395
DSA-3667-1
DSA-3667-1 chromium-browser — chromium-browser
oval:org.secpod.oval:def:37240 CVE-2016-4618 Universal cross site scripting vulnerability in Apple Safari due to maliciously crafted webpage
oval:org.secpod.oval:def:37249 CVE-2016-4735 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4735
oval:org.secpod.oval:def:37250 CVE-2016-4737 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4737
oval:org.secpod.oval:def:37251 CVE-2016-4759 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4759
oval:org.secpod.oval:def:37252 CVE-2016-4762 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4762
oval:org.secpod.oval:def:37253 CVE-2016-4766 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4766
oval:org.secpod.oval:def:37254 CVE-2016-4767 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4767
oval:org.secpod.oval:def:37255 CVE-2016-4768 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4768
oval:org.secpod.oval:def:37256 CVE-2016-4769 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4769
oval:org.secpod.oval:def:37257 CVE-2016-4760 Cross-protocol exploitation vulnerability in Apple Safari due to maliciously crafted webpage
oval:org.secpod.oval:def:37258 CVE-2016-4733 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4733
oval:org.secpod.oval:def:37241 CVE-2016-4751 Address bar spoofing vulnerability in Apple Safari due to maliciously crafted webpage
oval:org.secpod.oval:def:37259 CVE-2016-4765 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4765
oval:org.secpod.oval:def:37260 CVE-2016-4763 Unspecified vulnerability in Apple Safari due to WKWebView with HTTPS
oval:org.secpod.oval:def:37242 CVE-2016-4728 Arbitrary code execution vulnerability in Apple Safari due to maliciously crafted webpage
oval:org.secpod.oval:def:37261 APPLE-SA-2016-09-20-2
CVE-2016-4611
CVE-2016-4618
CVE-2016-4728
CVE-2016-4729
CVE-2016-4730
CVE-2016-4731
CVE-2016-4733
CVE-2016-4734
CVE-2016-4735
CVE-2016-4737
CVE-2016-4751
CVE-2016-4758
CVE-2016-4759
CVE-2016-4760
CVE-2016-4762
CVE-2016-4763
CVE-2016-4765
CVE-2016-4766
CVE-2016-4767
CVE-2016-4768
CVE-2016-4769
Multiple vulnerabilities in Apple Safari – APPLE-SA-2016-09-20-2
oval:org.secpod.oval:def:37243 CVE-2016-4758 Information disclosure vulnerability in Apple Safari due to maliciously crafted webpage
oval:org.secpod.oval:def:37244 CVE-2016-4611 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4611
oval:org.secpod.oval:def:37245 CVE-2016-4729 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4729
oval:org.secpod.oval:def:37246 CVE-2016-4730 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4730
oval:org.secpod.oval:def:37247 CVE-2016-4731 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4731
oval:org.secpod.oval:def:37248 CVE-2016-4734 Memory corruption vulnerability in Apple Safari due to maliciously crafted webpage – CVE-2016-4734