Vulnerability CVE-2009-2414 - CERT Civis.Net

Vulnerability Name:

CVE-2009-2414 (CCN-52739)

Assigned:

2009-08-10

Published:

2009-08-10

Updated:

2023-02-13

Summary:

Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.5 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.5 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2009-2414

Source: CCN
Type: Google Chrome Releases
CVE-2009-2935 Unauthorized memory read from Javascript

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2009-1206
Moderate: libxml and libxml2 security update

Source: CCN
Type: SA36207
libxml2 DTD Parsing Denial of Service Vulnerabilities

Source: CCN
Type: SA36417
Google Chrome Multiple Vulnerabilities

Source: CCN
Type: SA36631
Sun libxml2 DTD Parsing Denial of Service Vulnerabilities

Source: CCN
Type: SA36811
Sun StarOffice / StarSuite XML Parsing Multiple Vulnerabilities

Source: CCN
Type: SA37346
Apple Safari Multiple Vulnerabilities

Source: CCN
Type: Sun Alert ID: 266088
Security Vulnerability in StarOffice/StarSuite 8 and 9 Related to XML Document Processing may Lead to Arbitrary Code Execution

Source: CCN
Type: Sun Alert #266688
Security Vulnerabilities in libxml2 Library Related to Parsing of Element Declarations, Notation and Enumeration Attribute Types may Lead to a Denial of Service (DoS)

Source: CCN
Type: Apple Web site
About Security Update 2009-006 / Mac OS X v10.6.2

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Apple Safari Web site
About the security content of Safari 4.0.4

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: DEBIAN
Type: DSA-1859
libxml2 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1861
libxml -- several vulnerabilities

Source: CCN
Type: GLSA-201009-07
libxml2: Denial of Service

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-36010
libxml2 Multiple Memory Corruption Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-815-1
libxml2 vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 515195
CVE-2009-2414 libxml, libxml2, mingw32-libxml2: Stack overflow by parsing root XML element DTD definition

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
libxml2-dtd-dos(52739)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SR:2009:015
SUSE Security Summary Report

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.149.27:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.149.29:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.149.30:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.36:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.43:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.42:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.39:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.31:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.22:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.4.154.18:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.3.154.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.3.154.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.153.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:0.2.152.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.53:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.157.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.157.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.156.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.158.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.159.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.46:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.59:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.48:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.30:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:1.0.154.52:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.31:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.33:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:2.0.172.37:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*

OR cpe:/a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.3:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.4:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.2:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/a:apple:safari:3.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.1:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.0b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.1b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.2b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.0.3b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.1.0b:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:3.2.3:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.1:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*

OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42389	P	Security update for kernel-firmware (Moderate)	2022-05-25
oval:org.opensuse.security:def:20092414	V	CVE-2009-2414	2022-05-20
oval:org.opensuse.security:def:42182	P	Security update for gzip (Important)	2022-05-10
oval:org.opensuse.security:def:31328	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:32225	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:26162	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:31697	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31294	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31698	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31696	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:32203	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:26134	P	Security update for the Linux Kernel (Important)	2021-09-23
oval:org.opensuse.security:def:31686	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:31254	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:26109	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:32164	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31667	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:31243	P	Security update for cpio (Important)	2021-08-14
oval:org.opensuse.security:def:26101	P	Security update for php74 (Important)	2021-08-06
oval:org.opensuse.security:def:31242	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:32151	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32946	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:36509	P	libxml2-devel-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42638	P	libxml2-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36231	P	libxml2-2.7.6-0.31.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26070	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:32115	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36508	P	libxml-1.8.17-481.19.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26059	P	Security update for postgresql12 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26057	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:26043	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:32907	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:31162	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31609	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:32062	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32064	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32059	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26211	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:26206	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:31742	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:26122	P	Security update for python-urllib3 (Moderate)	2021-02-03
oval:org.opensuse.security:def:26133	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:26069	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:25984	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:32018	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:32007	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31088	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35982	P	libxml2-2.7.6-0.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42015	P	libxml2-2.7.6-0.1.37 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35608	P	libxml2-2.7.6-0.1.37 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35775	P	libxml2-2.7.6-0.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31449	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25529	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31791	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26573	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25325	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:31443	P	Security update for policycoreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:32363	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:26556	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26790	P	ofed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25171	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:25817	P	Security update for pidgin-otr (Important)	2020-12-01
oval:org.opensuse.security:def:26635	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26774	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25533	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25877	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:27471	P	libpixman-1-0-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31535	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:25585	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:26459	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25401	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31386	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:32307	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:26264	P	Security update for gegl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27507	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31915	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26775	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25736	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:26483	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:31957	P	Security update for gdk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26739	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25532	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25838	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26833	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31461	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25501	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:26410	P	Security update for freexl (Important)	2020-12-01
oval:org.opensuse.security:def:33194	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25337	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:26981	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25781	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31903	P	Security update for fontconfig (Low)	2020-12-01
oval:org.opensuse.security:def:27472	P	libpng-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31076	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31783	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25751	P	Security update for libssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:26736	P	libQtWebKit4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25608	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26399	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:31908	P	Security update for freetype2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31552	P	Security update for socat (Moderate)	2020-12-01
oval:org.opensuse.security:def:25789	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:32573	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31450	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25444	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:26357	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:26776	P	libzip1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25160	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:26484	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26946	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25780	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31816	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:26004	P	Security update for shotwell (Moderate)	2020-12-01
oval:org.opensuse.security:def:26834	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25667	P	Security update for u-boot (Important)	2020-12-01
oval:org.opensuse.security:def:26687	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25544	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26342	P	Security update for openjpeg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31852	P	Recommended udpate for SUSE Manager Client Tools (Low)	2020-12-01
oval:org.opensuse.security:def:32451	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:27229	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31460	P	Security update for postgresql94 (Important)	2020-12-01
oval:org.opensuse.security:def:26250	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32534	P	kde4-kgreeter-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25363	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:26737	P	libadns1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32517	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25159	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25856	P	Security update for gd (Important)	2020-12-01
oval:org.opensuse.security:def:26400	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26308	P	Security update for python modules (Low)	2020-12-01
oval:org.opensuse.security:def:31759	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:25955	P	Security update for gstreamer-0_10-plugins-bad (Moderate)	2020-12-01
oval:org.opensuse.security:def:26789	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32739	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25610	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26634	P	qt3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31830	P	Security update for bind (Critical)	2020-12-01
oval:org.opensuse.security:def:26608	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25326	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:26261	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:31530	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:32412	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:27194	P	liblzo2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31896	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25235	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25874	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26688	P	ecryptfs-utils-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32473	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25792	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:26343	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:25891	P	Security update for libimobiledevice, usbmuxd (Important)	2020-12-01
oval:org.opensuse.security:def:27506	P	libxml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31077	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25902	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26498	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:32700	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:28958	P	RHSA-2009:1206 -- libxml and libxml2 security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:13882	P	USN-815-1 -- libxml2 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13681	P	DSA-1859-1 libxml2 -- several	2014-06-23
oval:org.mitre.oval:def:8132	P	DSA-1859 libxml2 -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13712	P	DSA-1861-1 libxml -- several	2014-06-23
oval:org.mitre.oval:def:8116	P	DSA-1861 libxml -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22743	P	ELSA-2009:1206: libxml and libxml2 security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:8639	V	VMware libxml2 stack consumption vulnerability	2014-01-20
oval:org.mitre.oval:def:10129	V	Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.	2013-04-29
oval:org.debian:def:1861	V	several vulnerabilities	2009-08-13
oval:com.redhat.rhsa:def:20091206	P	RHSA-2009:1206: libxml and libxml2 security update (Moderate)	2009-08-10
oval:org.debian:def:1859	V	several vulnerabilities	2009-08-10