SCAP Feed Release Update: 08-Sep-2014

  • Post author:
  • Reading time:14 mins read

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. This is a list of vulnerabilities detected using a vulnerability management solution.

Also, a patch management tool can patch these vulnerabilities.

oval:org.secpod.oval:def:21006 CVE-2013-1610, Unquoted Windows search path vulnerability in Symantec PGP Desktop and Symantec Encryption Desktop via a Trojan horse application
oval:org.secpod.oval:def:21007 CVE-2010-3618, Data insertion vulnerability in Symantec PGP Desktop
oval:org.secpod.oval:def:21008 CVE-2009-0681, Denial of service vulnerability in Symantec PGP Desktop via a crafted IOCTL
oval:org.secpod.oval:def:21005 CVE-2013-2566, Plaintext recovery vulnerability in Mozilla Firefox via statistical analysis of ciphertext
oval:org.secpod.oval:def:21012 CVE-2008-2086, Arbitrary code execution vulnerability in Sun JDK and JRE via a crafted jnlp file
oval:org.secpod.oval:def:21013 CVE-2008-5339, Unspecified vulnerability in Sun JDK and JRE via unknown vectors – CVE-2008-5339
oval:org.secpod.oval:def:21014 CVE-2008-5340, Unspecified vulnerability in Sun JDK and JRE via unknown vectors – CVE-2008-5340
oval:org.secpod.oval:def:21015 CVE-2008-5341, Unspecified vulnerability in Sun JDK and JRE via unknown vectors – CVE-2008-5341
oval:org.secpod.oval:def:21016 CVE-2008-5342, Unspecified vulnerability in Sun JDK and JRE via unknown vectors – CVE-2008-5342
oval:org.secpod.oval:def:21017 CVE-2008-5343, Unspecified vulnerability in Sun JDK and JRE via crafted file
oval:org.secpod.oval:def:21018 CVE-2008-5344, Unspecified vulnerability in Sun JDK and JRE via vector related to applet classloading
oval:org.secpod.oval:def:21019 CVE-2010-1423, Argument injection vulnerability in Sun JDK and JRE via the -J or -XXaltjvm argument to javaws.exe
oval:org.secpod.oval:def:1500689 CVE-2014-0475,
CVE-2014-5119,
ELSA-2014-1110,
ELSA-2014-1110 — Oracle glibc
oval:org.secpod.oval:def:1500690 CVE-2014-0475,
CVE-2014-5119,
ELSA-2014-1110,
ELSA-2014-1110 — Oracle glibc
oval:org.secpod.oval:def:1500691 CVE-2014-0475,
CVE-2014-5119,
ELSA-2014-1110,
ELSA-2014-1110 — Oracle glibc
oval:org.secpod.oval:def:1500692 CVE-2014-0240,
ELSA-2014-1091,
ELSA-2014-1091 — Oracle mod_wsgi
oval:org.secpod.oval:def:601756 CVE-2014-5461,
DSA-3016-1,
DSA-3016-1 lua5.2 — lua5.2
oval:org.secpod.oval:def:601757 CVE-2014-3589,
DSA-3009-1,
DSA-3009-1 python-imaging — python-imaging
oval:org.secpod.oval:def:601758 CVE-2014-5025,
CVE-2014-5026,
CVE-2014-5027,
CVE-2014-5261,
CVE-2014-5262,
DSA-3007-1,
DSA-3007-1 cacti — cacti
oval:org.secpod.oval:def:601759 CVE-2014-0114,
DSA-2940-1,
DSA-2940-1 libstruts1.2-java — libstruts1.2-java
oval:org.secpod.oval:def:601760 CVE-2014-0485,
DSA-3013-1,
DSA-3013-1 s3ql — s3ql
oval:org.secpod.oval:def:601761 CVE-2014-5119,
DSA-3012-1,
DSA-3012-1 eglibc — eglibc
oval:org.secpod.oval:def:601762 CVE-2014-5241,
CVE-2014-5243,
DSA-3011-1,
DSA-3011-1 mediawiki — mediawiki
oval:org.secpod.oval:def:601763 CVE-2014-0480,
CVE-2014-0481,
CVE-2014-0482,
CVE-2014-0483,
DSA-3010-1,
DSA-3010-1 python-django — python-django
oval:org.secpod.oval:def:601764 CVE-2014-5461,
DSA-3015-1,
DSA-3015-1 lua5.1 — lua5.1
oval:org.secpod.oval:def:21010 CVE-2013-7345,
CVE-2014-3538,
CVE-2014-3587,
CVE-2014-3597,
CVE-2014-4049,
CVE-2014-4670,
DSA-3008-2,
DSA-3008-2 php5 — php5
oval:org.secpod.oval:def:21011 CVE-2014-3609,
DSA-3014-1,
DSA-3014-1 squid3 — squid3
oval:org.secpod.oval:def:21009 CVE-2013-7345,
CVE-2014-3538,
CVE-2014-3587,
CVE-2014-3597,
CVE-2014-4049,
CVE-2014-4670,
DSA-3008-1,
DSA-3008-1 php5 — php5