Vulnerability CVE-2009-0733

Vulnerability Name:

CVE-2009-0733 (CCN-49330)

Assigned:

2009-03-19

Published:

2009-03-19

Updated:

2022-02-07

Summary:

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-787

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-0733

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2009:007

Source: CCN
Type: OpenJDK Web page
OpenJDK

Source: CCN
Type: RHSA-2009-0339
Moderate: lcms security update

Source: CCN
Type: RHSA-2009-0377
Important: java-1.6.0-openjdk security update

Source: CCN
Type: CESA-2009-003 - rev 2
LCMS (Little CMS / LittleCMS) memory corruptions

Source: MISC
Type: Exploit
http://scary.beasts.org/security/CESA-2009-003.html

Source: MISC
Type: Exploit
http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html

Source: CCN
Type: SA34367
Little cms Multiple Vulnerabilities

Source: SECUNIA
Type: Broken Link
34367

Source: SECUNIA
Type: Broken Link
34382

Source: SECUNIA
Type: Broken Link
34400

Source: CCN
Type: SA34408
OpenJDK Little cms Multiple Vulnerabilities

Source: SECUNIA
Type: Broken Link
34408

Source: SECUNIA
Type: Broken Link
34418

Source: SECUNIA
Type: Broken Link
34442

Source: SECUNIA
Type: Broken Link
34450

Source: SECUNIA
Type: Broken Link
34454

Source: SECUNIA
Type: Broken Link
34463

Source: SECUNIA
Type: Broken Link
34632

Source: SECUNIA
Type: Broken Link
34675

Source: SECUNIA
Type: Broken Link
34782

Source: GENTOO
Type: Third Party Advisory
GLSA-200904-19

Source: CCN
Type: SECTRACK ID: 1021869
LittleCMS Integer Overflows and Input Validation Flaws Let Remote Users Execute Arbitrary Code

Source: SLACKWARE
Type: Third Party Advisory
SSA:2009-083-01

Source: CCN
Type: SourceForge.net
Little cms

Source: DEBIAN
Type: Third Party Advisory
DSA-1745

Source: DEBIAN
Type: Third Party Advisory
DSA-1769

Source: DEBIAN
Type: DSA-1745
lcms -- several vulnerabilities

Source: DEBIAN
Type: DSA-1769
openjdk-6 -- several vulnerabilities

Source: MANDRIVA
Type: Broken Link
MDVSA-2009:121

Source: MANDRIVA
Type: Broken Link
MDVSA-2009:137

Source: MANDRIVA
Type: Broken Link
MDVSA-2009:162

Source: MISC
Type: Third Party Advisory
http://www.ocert.org/advisories/ocert-2009-003.html

Source: REDHAT
Type: Third Party Advisory
RHSA-2009:0339

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20090320 LittleCMS vulnerabilities (OpenJDK, Firefox, GIMP, etc. impacted)

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20090320 [oCERT-2009-003] LittleCMS integer errors

Source: BID
Type: Broken Link, Third Party Advisory, VDB Entry
34185

Source: CCN
Type: BID-34185
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities

Source: SECTRACK
Type: Broken Link, Third Party Advisory, VDB Entry
1021869

Source: CCN
Type: USN-744-1
LittleCMS vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-744-1

Source: VUPEN
Type: Broken Link
ADV-2009-0775

Source: CCN
Type: Red Hat Bugzilla Bug 487512
CVE-2009-0733 LittleCms lack of upper-bounds check on sizes

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=487512

Source: XF
Type: Third Party Advisory, VDB Entry
littlecms-readsetofcurves-bo(49330)

Source: XF
Type: UNKNOWN
littlecms-readsetofcurves-bo(49330)

Source: OVAL
Type: Tool Signature
oval:org.mitre.oval:def:9742

Source: REDHAT
Type: Third Party Advisory
RHSA-2009:0377

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2903

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2910

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2928

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2970

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2982

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-2983

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-3034

Source: SUSE
Type: SUSE-SR:2009:007
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:gimp:gimp:*:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*

OR cpe:/a:sun:openjdk:*:*:*:*:*:*:*:* (Version <= 7)

Configuration 2:

cpe:/a:littlecms:little_cms:*:*:*:*:*:*:*:* (Version <= 1.17)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20090733	V	CVE-2009-0733	2022-05-20
oval:org.opensuse.security:def:42343	P	Security update for the Linux RT Kernel (Critical)	2022-02-21
oval:org.opensuse.security:def:26218	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31721	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:31713	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:32223	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:42140	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:26165	P	Security update for libarchive (Moderate)	2021-11-17
oval:org.opensuse.security:def:31287	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:26144	P	Security update for libqt5-qtsvg (Moderate)	2021-10-11
oval:org.opensuse.security:def:32191	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:26116	P	Security update for apache2 (Important)	2021-09-02
oval:org.opensuse.security:def:31264	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:32179	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:32157	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31656	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:31647	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:31213	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:31202	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:29383	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-15
oval:org.opensuse.security:def:32118	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:31636	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36169	P	lcms-1.17-77.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36459	P	liblcms-devel-1.17-77.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42576	P	lcms-1.17-77.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26063	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:26060	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:31621	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:32089	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:32900	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:32069	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:32284	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:26212	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:31356	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:33093	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:26204	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:32245	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:29419	P	Security update for openvswitch (Important)	2021-02-03
oval:org.opensuse.security:def:31655	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:26084	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:31201	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:31635	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:31568	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:32013	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35936	P	lcms-1.17-77.14.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35578	P	lcms-1.17-77.14.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:32002	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:35733	P	lcms-1.17-77.14.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41985	P	lcms-1.17-77.14.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:27961	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26935	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31415	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31511	P	Security update for python27-urllib3, python27-boto3, python27-botocore, python27-s3transfer (Moderate)	2020-12-01
oval:org.opensuse.security:def:28685	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32504	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25296	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25414	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:32428	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32350	P	Security update for squid (Moderate)	2020-12-01
oval:org.opensuse.security:def:32794	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27962	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26494	P	Security update for pdns-recursor (Important)	2020-12-01
oval:org.opensuse.security:def:31489	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31822	P	Security update for axis (Moderate)	2020-12-01
oval:org.opensuse.security:def:32543	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25486	P	Security update for openssl-1_1 (Important)	2020-12-01
oval:org.opensuse.security:def:25360	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:25471	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32584	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32389	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:33432	P	Security update for curl	2020-12-01
oval:org.opensuse.security:def:27973	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26293	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:26295	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:27132	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31761	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32021	P	Security update for kernel-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:25487	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:25488	P	Security update for file-roller (Low)	2020-12-01
oval:org.opensuse.security:def:25555	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32640	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32750	P	mozilla-xulrunner192 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33471	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:31046	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:28037	P	Security update for cairo (Moderate)	2020-12-01
oval:org.opensuse.security:def:26350	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:26348	P	Security update for SDL2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26450	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:27167	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31811	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:31800	P	Security update for SuSEfirewall2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32659	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25498	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25569	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25706	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32689	P	kdebase3-runtime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26543	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31047	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28167	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26434	P	Security update for pdns (Important)	2020-12-01
oval:org.opensuse.security:def:26397	P	Security update for plasma5-workspace (Important)	2020-12-01
oval:org.opensuse.security:def:26784	P	mono-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31971	P	Security update for jakarta-commons-collections (Moderate)	2020-12-01
oval:org.opensuse.security:def:31770	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:31867	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:31977	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32698	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25718	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25562	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25626	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:25759	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:32728	P	libqt4-sql-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26578	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31058	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28251	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26585	P	libexif on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26436	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:27422	P	java-1_7_1-ibm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31972	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.opensuse.security:def:31853	P	Security update for coreutils (Important)	2020-12-01
oval:org.opensuse.security:def:31857	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:31916	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:25719	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:25690	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25710	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:25808	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25905	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31132	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:28308	P	Security update for opensc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26638	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26740	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27457	P	liblcms-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25129	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31983	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31945	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:31955	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:32861	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25730	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:25771	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25847	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26698	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28392	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:26687	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28745	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:25130	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32057	P	Security update for kvm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26008	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25794	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:25828	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25914	P	Security update for firebird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26016	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26733	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28544	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:26726	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25141	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:32455	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26009	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25922	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25912	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31403	P	Security update for perl-DBD-mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:31413	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:28597	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:28701	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:25284	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:25205	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:26020	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:26003	P	Security update for yaml-cpp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26002	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26900	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31404	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:31419	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:31500	P	Security update for python-paramiko (Moderate)	2020-12-01
oval:org.opensuse.security:def:28646	P	Security update for compat-openssl097g (Moderate)	2020-12-01
oval:org.opensuse.security:def:31866	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25285	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:25333	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:32341	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32301	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32411	P	Security update for wireshark (Low)	2020-12-01
oval:org.opensuse.security:def:33132	P	lcms on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:29277	P	RHSA-2009:0377 -- java-1.6.0-openjdk security update (Important)	2015-08-17
oval:org.mitre.oval:def:29236	P	RHSA-2009:0339 -- lcms security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:22718	P	ELSA-2009:0377: java-1.6.0-openjdk security update (Important)	2014-07-21
oval:org.mitre.oval:def:13131	P	USN-744-1 -- lcms vulnerabilities	2014-07-07
oval:org.mitre.oval:def:7412	P	DSA-1745 lcms -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13469	P	DSA-1769-1 openjdk-6 -- several	2014-06-23
oval:org.mitre.oval:def:8037	P	DSA-1769 openjdk-6 -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13591	P	DSA-1745-2 lcms -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13746	P	DSA-1745-1 lcms -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22595	P	ELSA-2009:0339: lcms security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:9742	V	Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.	2013-04-29
oval:org.debian:def:1769	V	several vulnerabilities	2009-04-11
oval:com.redhat.rhsa:def:20090377	P	RHSA-2009:0377: java-1.6.0-openjdk security update (Important)	2009-04-07
oval:org.debian:def:1745	V	several vulnerabilities	2009-03-20
oval:com.redhat.rhsa:def:20090339	P	RHSA-2009:0339: lcms security update (Moderate)	2009-03-19

BACK