Vulnerability CVE-2008-3964 - CERT Civis.Net

Vulnerability Name:

CVE-2008-3964 (CCN-44928)

Assigned:

2008-09-08

Published:

2008-09-08

Updated:

2022-01-31

Summary:

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2008-3964

Source: CCN
Type: SA31781
libpng "png_push_read_zTXt()" Off-By-One Vulnerability

Source: SECUNIA
Type: Third Party Advisory
31781

Source: SECUNIA
Type: Third Party Advisory
33137

Source: CCN
Type: SA35302
Sun Solaris libpng Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
35302

Source: CCN
Type: SA35386
Avaya CMS Solaris libpng Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
35386

Source: GENTOO
Type: Third Party Advisory
GLSA-200812-15

Source: MLIST
Type: Third Party Advisory
[png-mng-implement] 20080918 libpng-1.0.40 and libpng-1.2.32 available

Source: CONFIRM
Type: Product, Third Party Advisory
http://sourceforge.net/project/shownotes.php?group_id=5624&release_id=624517

Source: CCN
Type: SourceForge.net: Files
libpng, File Release Notes and Changelog, Release Name: 1.2.32beta01

Source: CONFIRM
Type: Broken Link, Patch
http://sourceforge.net/project/shownotes.php?release_id=624518

Source: CCN
Type: SourceForge.net: Detail: 2095669
Off-by-one error in png_push_read_zTXt

Source: CONFIRM
Type: Exploit, Third Party Advisory
http://sourceforge.net/tracker/index.php?func=detail&aid=2095669&group_id=5624&atid=105624

Source: CCN
Type: Sun Alert ID: 259989
Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation

Source: SUNALERT
Type: Broken Link
259989

Source: SUNALERT
Type: Broken Link
1020521

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm

Source: CCN
Type: ASA-2009-208
Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation (Sun 259989)

Source: CCN
Type: GLSA-200812-15
POV-Ray: User-assisted execution of arbitrary code

Source: CCN
Type: US-CERT VU#889484
libpng off-by-one vulnerability

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#889484

Source: MANDRIVA
Type: Broken Link
MDVSA-2009:051

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20080909 CVE request (libpng)

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20080909 Re: CVE request (libpng)

Source: CCN
Type: OSVDB ID: 48298
libpng pngread.c png_push_read_zTXt() Function Off-By-One

Source: BID
Type: Third Party Advisory, VDB Entry
31049

Source: CCN
Type: BID-31049
Libpng Library 'png_push_read_zTXt()' Off-By-One Denial of Service Vulnerability

Source: CCN
Type: USN-730-1
libpng vulnerabilities

Source: VUPEN
Type: Permissions Required
ADV-2008-2512

Source: VUPEN
Type: Permissions Required
ADV-2009-1462

Source: VUPEN
Type: Permissions Required
ADV-2009-1560

Source: XF
Type: Third Party Advisory, VDB Entry
libpng-pngpushreadztxt-dos(44928)

Source: XF
Type: UNKNOWN
libpng-pngpushreadztxt-dos(44928)

Source: CCN
Type: IBM Security Bulletin 6572711 (Netezza Analytics for NPS)
Gdal vulnerabilities affect IBM Netezza Analytics for NPS

Vulnerable Configuration:

Configuration 1:

cpe:/a:libpng:libpng:*:*:*:*:*:*:*:* (Version < 1.2.32)

OR cpe:/a:libpng:libpng:1.4.0:beta1:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta10:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta11:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta12:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta13:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta14:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta15:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta16:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta17:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta18:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta19:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta2:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta20:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta21:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta22:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta23:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta24:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta25:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta26:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta27:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta28:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta29:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta3:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta30:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta31:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta32:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta33:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta4:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta5:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta6:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta7:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta8:*:*:*:*:*:*

OR cpe:/a:libpng:libpng:1.4.0:beta9:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libpng:libpng:1.2.31:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:-:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*

OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:x86_64:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_89::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_89::sparc:*:*:*:*:*

OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_01::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_02::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_13::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_19::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_22::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_39::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_47::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_01::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_02::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_13::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_19::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_22::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_39::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_47::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_03::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_04::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_05::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_06::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_07::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_08::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_09::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_11::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_12::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_14::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_15::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_16::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_18::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_20::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_21::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_24::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_25::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_26::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_27::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_28::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_29::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_31::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_32::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_33::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_34::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_35::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_37::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_41::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_43::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_44::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_45::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_17::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_23::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_30::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_36::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_38::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_42::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_46::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_03::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_04::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_05::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_06::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_07::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_15::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_08::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_14::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_11::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_17::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_12::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_09::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_16::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_21::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_20::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_27::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_26::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_25::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_24::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_23::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_18::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_28::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_33::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_34::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_35::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_36::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_32::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_37::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_31::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_30::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_29::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_40::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_41::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_42::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_43::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_44::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_38::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_45::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_46::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::sparc:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.10:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_40::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_105::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_105::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_106::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_106::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_107::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_107::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_108::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_109::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_110::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_108::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_109::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_110::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_111::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_111::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_112::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_112::sparc:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20083964	V	CVE-2008-3964	2022-06-30
oval:org.opensuse.security:def:42371	P	Security update for cifs-utils (Important)	2022-04-27
oval:org.opensuse.security:def:42167	P	Security update for salt (Important)	2022-03-30
oval:org.opensuse.security:def:112773	P	libpng12-0-1.2.59-1.9 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112775	P	libpng16-16-1.6.37-3.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:26227	P	Security update for the Linux Kernel (Important)	2022-01-13
oval:org.opensuse.security:def:31374	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:32251	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:26184	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:31313	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:106244	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:32207	P	Security update for util-linux (Moderate)	2021-10-19
oval:org.opensuse.security:def:26144	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:31282	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:106246	P	libpng16-16-1.6.37-3.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:32185	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:31681	P	Security update for gtk-vnc (Moderate)	2021-09-16
oval:org.opensuse.security:def:31676	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:31675	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:31674	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:26099	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:26100	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:31239	P	Security update for dbus-1 (Important)	2021-08-02
oval:org.opensuse.security:def:31227	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32146	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:31228	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26086	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:32129	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:36209	P	libpng12-0-1.2.31-5.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36474	P	libpng-devel-1.2.31-5.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42616	P	libpng12-0-1.2.31-5.33.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32928	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26043	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:26042	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:26035	P	Security update for apache-commons-io (Moderate)	2021-04-26
oval:org.opensuse.security:def:31150	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:26028	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:26024	P	Security update for xen (Important)	2021-04-06
oval:org.opensuse.security:def:32285	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:31741	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:31730	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:26193	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:26091	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:31649	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:32097	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:32003	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:35596	P	libpng12-0-1.2.31-5.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35760	P	libpng12-0-1.2.31-5.25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42003	P	libpng12-0-1.2.31-5.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35964	P	libpng12-0-1.2.31-5.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25322	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:26290	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25759	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25432	P	Security update for ibus (Important)	2020-12-01
oval:org.opensuse.security:def:31837	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26755	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31064	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25718	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31981	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26963	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25834	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25736	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:32390	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27437	P	libcap-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31076	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25856	P	Security update for gd (Important)	2020-12-01
oval:org.opensuse.security:def:25989	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32047	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31432	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26308	P	Security update for python modules (Low)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:25148	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:31445	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:26335	P	security update for go (Low)	2020-12-01
oval:org.opensuse.security:def:32724	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25514	P	Security update for mariadb-connector-c (Important)	2020-12-01
oval:org.opensuse.security:def:31517	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:31518	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:26476	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:33133	P	ldapsmb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25223	P	Security update for openssl-1_0_0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31798	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:31779	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26724	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25526	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31985	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26534	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25595	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:32041	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:31840	P	Security update for bsdtar (Important)	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25724	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:27207	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25940	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25865	P	Security update for pcre (Moderate)	2020-12-01
oval:org.opensuse.security:def:32522	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26388	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25923	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:25311	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:26600	P	librpcsecgss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26246	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25758	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31761	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26741	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26596	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25386	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32042	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31942	P	Security update for gnome-session (Moderate)	2020-12-01
oval:org.opensuse.security:def:26928	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25770	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25489	P	Security update for pam_radius (Important)	2020-12-01
oval:org.opensuse.security:def:32341	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26799	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31065	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25799	P	Security update for gcc48 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31431	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25887	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32429	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:27472	P	libpng-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25147	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32685	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31443	P	Security update for policycoreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:26365	P	Security update of chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26437	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:32495	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25159	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:31537	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:26653	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25515	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:31893	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26490	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:33172	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26023	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:25351	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31885	P	Security update for ecryptfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:31818	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:26759	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25590	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:25573	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:27172	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25652	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25826	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31884	P	Security update for dosfstools (Moderate)	2020-12-01
oval:org.opensuse.security:def:25777	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25879	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:32561	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25310	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26449	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:26232	P	Security update for openconnect (Moderate)	2020-12-01
oval:org.opensuse.security:def:32889	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31594	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26702	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26561	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:13052	P	USN-730-1 -- libpng vulnerabilities	2014-06-30