OVAL Reference oval:org.opensuse.security:def:20172816

Oval Definition:

oval:org.opensuse.security:def:20172816

Revision Date:	2022-09-02	Version:	1
Title:	CVE-2017-2816
Description:	An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-2816 SUSE-SU-2018:2045-1 SUSE-SU-2018:2064-1 openSUSE-SU-2018:2229-1 Mitre CVE-2017-2816 SUSE CVE-2017-2816 SUSE-SU-2018:2045-1 SUSE-SU-2018:2064-1 openSUSE-SU-2018:2229-1
Platform(s):	openSUSE Leap 42.3 openSUSE Tumbleweed SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 12 SP5 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5	Product(s):
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libofx-0.9.0-3.7 is installed OR libofx-devel-0.9.0-3.7 is installed OR libofx4-0.9.0-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND libofx-0.9.9-3.7 is installed OR libofx-devel-0.9.9-3.7 is installed OR Package Information SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information libofx-0.9.10-7.3 is installed AND libofx is signed with openSUSE key OR libofx-devel-0.9.10-7.3 is installed AND libofx-devel is signed with openSUSE key OR libofx6-0.9.10-7.3 is installed AND libofx6 is signed with openSUSE key
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 12 SP3 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libofx-0.9.9-3.7 is installed OR libofx-devel-0.9.9-3.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Workstation Extension 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed OR Package Information SUSE Linux Enterprise Software Development Kit 12 SP3 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND libofx-0.9.9-3.7 is installed OR libofx-devel-0.9.9-3.7 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Workstation Extension 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND Package Information libofx-0.9.9-3.7 is installed OR libofx6-0.9.9-3.7 is installed
Definition Synopsis
openSUSE Tumbleweed is installed AND Package Information libofx-0.10.1-1.9 is installed OR libofx-devel-0.10.1-1.9 is installed OR libofx7-0.10.1-1.9 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP2 is installed AND libofx is affected OR Package Information SUSE Linux Enterprise Desktop 12 SP4 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed OR Package Information SUSE Linux Enterprise Desktop 12 SP3 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Desktop 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed OR Package Information SUSE Linux Enterprise Desktop 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx-devel-0.9.9-3.7.1 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx6-0.9.9-3.7.1 is installed OR Package Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libofx-0.9.9-3.7.1 is installed OR libofx-devel-0.9.9-3.7.1 is installed

BACK