Oval Definition:
oval:org.cisecurity:def:45
Revision Date
:
2016-02-08
Version
:
2
Title
:
DSA-3309-1 -- tidy -- security update
Description
:
Fernando MuГ±oz discovered that invalid HTML input passed to tidy, an HTML syntax checker and reformatter, could trigger a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or potentially execute arbitrary code.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2015-5522
CVE-2015-5523
DSA-3309-1
Platform(s)
:
Debian 8
Debian GNU/kFreeBSD 7.0
Debian GNU/Linux 7.0
Product(s)
:
tidy
Definition Synopsis
Debian 7
Debian 7 is installed
AND
GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR
Debian GNU/kFreeBSD is installed
AND
tidy is earlier than 0:20091223cvs-1.2+deb7u1
OR
Debian 8
Debian 8 is installed
AND
tidy is earlier than 0:20091223cvs-1.4+deb8u1
BACK