Vulnerability CVE-2008-1767 - CERT Civis.Net

Vulnerability Name:

CVE-2008-1767 (CCN-42560)

Assigned:

2008-04-10

Published:

2008-04-10

Updated:

2017-09-29

Summary:

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: Gnome Bugzilla Bug 527297
xsltproc crashes when applying a transform to an xml document

Source: CONFIRM
Type: Exploit
http://bugzilla.gnome.org/show_bug.cgi?id=527297

Source: MITRE
Type: CNA
CVE-2008-1767

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-11-13

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-07-11

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-10-09

Source: CCN
Type: RHSA-2008-0287
Important: libxslt security update

Source: CCN
Type: SA30315
libxslt XSL File Processing Vulnerability

Source: SECUNIA
Type: Vendor Advisory
30315

Source: SECUNIA
Type: Vendor Advisory
30323

Source: SECUNIA
Type: UNKNOWN
30393

Source: SECUNIA
Type: UNKNOWN
30521

Source: SECUNIA
Type: UNKNOWN
30717

Source: CCN
Type: SA31074
Apple iPhone / iPod touch Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
31074

Source: SECUNIA
Type: UNKNOWN
31363

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32222

Source: CCN
Type: SA32706
Apple Safari Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32706

Source: CCN
Type: SA44287
Oracle Solaris libxslt XSL File Processing Vulnerability

Source: GENTOO
Type: UNKNOWN
GLSA-200806-02

Source: CCN
Type: SECTRACK ID: 1020071
libxslt XSL Style Sheet Array Overflow May Let Remote Users Execute Arbitrary Code

Source: CCN
Type: Apple Web site
About the security content of iPhone v2.0 and iPod touch v2.0

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3216

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3298

Source: CCN
Type: ASA-2008-267
libxslt security update (RHSA-2008-0287)

Source: DEBIAN
Type: UNKNOWN
DSA-1589

Source: DEBIAN
Type: DSA-1589
libxslt -- buffer overflow

Source: CCN
Type: GLSA-200806-02
libxslt: Execution of arbitrary code

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:151

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:013

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0287

Source: BID
Type: Exploit
29312

Source: CCN
Type: BID-29312
libxslt XSL File Processing Buffer Overflow Vulnerability

Source: CCN
Type: BID-30186
Apple iPhone and iPod Touch Prior to Version 2.0 Multiple Remote Vulnerabilities

Source: BID
Type: UNKNOWN
31681

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1020071

Source: CCN
Type: USN-633-1
libxslt vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-633-1

Source: VUPEN
Type: UNKNOWN
ADV-2008-1580

Source: VUPEN
Type: UNKNOWN
ADV-2008-2094

Source: VUPEN
Type: UNKNOWN
ADV-2008-2780

Source: CCN
Type: XMLSOFT Web site
The XSLT C library for GNOME

Source: CCN
Type: Red Hat Bugzilla Bug 446809
CVE-2008-1767 libxslt: fixed-sized steps array overflow via "template match" condition in XSL file

Source: XF
Type: UNKNOWN
libxslt-xsl-bo(42560)

Source: XF
Type: UNKNOWN
libxslt-xsl-bo(42560)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9785

Source: SUSE
Type: SUSE-SR:2008:013
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/o:redhat:desktop:3:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:4:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:5:*:client:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop_workstation:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xmlsoft:libxslt:1.1.23:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:1.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*

OR cpe:/h:apple:ipod_touch:1.1:*:*:*:*:*:*:*

OR cpe:/h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*

OR cpe:/h:apple:ipod_touch:1.1.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

OR cpe:/o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*

OR cpe:/h:apple:ipod_touch:1.1.3:*:*:*:*:*:*:*

OR cpe:/h:apple:ipod_touch:1.1.4:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20081767	V	CVE-2008-1767	2022-06-30
oval:org.opensuse.security:def:42390	P	Security update for fribidi (Moderate)	2022-05-25
oval:org.opensuse.security:def:42183	P	Security update for e2fsprogs (Important)	2022-05-16
oval:org.opensuse.security:def:112933	P	libxslt-devel-1.1.34-3.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31710	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:32226	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:26163	P	Security update for bind (Important)	2021-11-11
oval:org.opensuse.security:def:31699	P	Security update for binutils (Moderate)	2021-11-02
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31697	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31295	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:32204	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:106388	P	libxslt-devel-1.1.34-3.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26135	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:26123	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:31255	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:26110	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:32165	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:31668	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31244	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:31243	P	Security update for cpio (Important)	2021-08-14
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:32152	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32947	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-15
oval:org.opensuse.security:def:32116	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:26071	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:42639	P	libxslt-1.1.24-19.23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36232	P	libxslt-1.1.24-19.23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36510	P	libxslt-devel-1.1.24-19.23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26066	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:26060	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26044	P	Security update for avahi (Moderate)	2021-05-04
oval:org.opensuse.security:def:32908	P	Security update for tomcat (Important)	2021-04-29
oval:org.opensuse.security:def:31163	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31610	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:32060	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32063	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32065	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26212	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:31743	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:32270	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:26207	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:31329	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:25985	P	Security update for gimp (Moderate)	2020-12-29
oval:org.opensuse.security:def:32019	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:32008	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31089	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35776	P	libxslt-1.1.24-19.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42016	P	libxslt-1.1.24-19.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35983	P	libxslt-1.1.24-19.21.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35609	P	libxslt-1.1.24-19.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25445	P	Security update for accountsservice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31853	P	Security update for coreutils (Important)	2020-12-01
oval:org.opensuse.security:def:26265	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:33195	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25737	P	Security update for libpng12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31904	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:26777	P	log4net on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26775	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25586	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:31958	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27195	P	libmpfr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25875	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32364	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:31897	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26344	P	Security update for mbedtls (Moderate)	2020-12-01
oval:org.opensuse.security:def:25956	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25327	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31461	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26358	P	Security update for Mozilla Thunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:32452	P	Security update for xerces-j2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32574	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25781	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31784	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26485	P	Security update for singularity (Moderate)	2020-12-01
oval:org.opensuse.security:def:25402	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:26460	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26574	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25793	P	Security update for icedtea-web (Moderate)	2020-12-01
oval:org.opensuse.security:def:26309	P	Security update for haproxy (Important)	2020-12-01
oval:org.opensuse.security:def:31078	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25611	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:26513	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31450	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31831	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26982	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25160	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25752	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:27473	P	libpoppler-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31462	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:25839	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25172	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:31387	P	Security update for openvpn-openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32474	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25534	P	Security update for adns (Important)	2020-12-01
oval:org.opensuse.security:def:26636	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25892	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:32740	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25364	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31531	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:26251	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:33156	P	libjasper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25609	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:26738	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26740	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25502	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31909	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26557	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25818	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32308	P	Security update for python-numpy (Important)	2020-12-01
oval:org.opensuse.security:def:26791	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26263	P	Security update for libEMF (Important)	2020-12-01
oval:org.opensuse.security:def:25903	P	Security update for util-linux (Important)	2020-12-01
oval:org.opensuse.security:def:31997	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27230	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25326	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32413	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:32535	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26401	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26005	P	Security update for libcdio (Moderate)	2020-12-01
oval:org.opensuse.security:def:25338	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31553	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26411	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:25936	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25782	P	Security update for evolution-data-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:31916	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31077	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25530	P	Security update for virglrenderer (Important)	2020-12-01
oval:org.opensuse.security:def:26499	P	Security update for chromium, re2 (Important)	2020-12-01
oval:org.opensuse.security:def:26609	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31792	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26947	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25668	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26835	P	unrar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31451	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:25790	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25161	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:27508	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25533	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:31536	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:25878	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32701	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25236	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:31444	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:32518	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25545	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31760	P	Security update for MozillaFirefox (Critical)	2020-12-01
oval:org.opensuse.security:def:26689	P	ed on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:17713	P	USN-633-1 -- libxslt vulnerabilities	2014-06-30
oval:org.mitre.oval:def:19993	P	DSA-1589-1 libxslt - arbitrary code execution	2014-06-23
oval:org.mitre.oval:def:7984	P	DSA-1589 libxslt -- buffer overflow	2014-06-23
oval:org.mitre.oval:def:22601	P	ELSA-2008:0287: libxslt security update (Important)	2014-05-26
oval:org.mitre.oval:def:9785	V	Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.	2013-04-29
oval:org.debian:def:1589	V	buffer overflow	2008-05-28
oval:com.redhat.rhsa:def:20080287	P	RHSA-2008:0287: libxslt security update (Important)	2008-05-21